- Company Name
- Saronic Technologies
- Job Title
- Cloud Security Analyst
- Job Description
-
Job Title: Cloud Security Analyst
Role Summary
Responsible for safeguarding AWS GovCloud environments for DoD Impact Level 5/6 systems, ensuring compliance with FedRAMP High, DoD IL5/IL6, CUI, and related frameworks. Supports continuous monitoring, incident response, IAM management, and accreditation preparation.
Expectations
- Maintain a security clearance suitable for DoD environments.
- Provide rigorous configuration, monitoring, and hardening of AWS services.
- Collaborate cross‑functionally to embed security into development and operations cycles.
- Deliver clear, actionable findings to technical and non‑technical stakeholders.
Key Responsibilities
- Evaluate and monitor AWS GovCloud for FedRAMP High/IL5/IL6 compliance.
- Review IAM, permissions, and resource configurations to enforce least‑privilege.
- Audit and recommend improvements for S3, EC2, RDS, CloudTrail, KMS, Config, and other cloud services.
- Deploy and maintain baseline guardrails and baseline security policies.
- Track, report, and close security findings from AWS Security Hub, GuardDuty, CloudTrail, and other tools.
- Assist in vulnerability management, scanning, prioritization, and remediation verification.
- Support cloud incident response: log collection, event analysis, and evidence preservation.
- Contribute to security documentation, audit evidence, and RMF‑related activities for IL5/IL6 accreditation.
- Automate compliance checks, monitoring, and remediation where possible.
- Interface with Security, Software, and IT teams to guide secure deployments and IAM changes.
Required Skills
- 1–2 years of cybersecurity experience (internships acceptable).
- Proficiency with AWS security services (Identity & Access Management, Resource Monitoring, GuardDuty, Security Hub, Config, CloudTrail, KMS).
- Strong analytical, problem‑solving, and troubleshooting abilities in cloud environments.
- Knowledge of DoD IL4+, FedRAMP High, and CUI protection requirements.
- Ability to interpret and apply NIST frameworks (800‑171, 800‑53) and CMMC‑2.0 controls.
- Effective communication skills for diverse audiences.
Required Education & Certifications
- Bachelor’s degree or equivalent in Cybersecurity, Computer Science, or related field (industry experience may substitute).
- Current security clearance (or ability to obtain one).
- Preferred AWS certifications (Cloud Practitioner, Security, Solutions Architect, SysOps, Developer).
- Preferred additional credentials: SANS GIAC GSEC, Terraform IaC security review, or relevant DoD‑accredited experience.