Azure Cloud Security Operations Sr Analyst, Global Information Security

Azure Cloud Security Operations Sr Analyst, Global Information Security

Bank of America is seeking an Azure Senior Cloud Operations Specialist to join Global Information Security. You will help modernize and optimize cloud operations workflows, ensure consistent quality and urgency of investigations, and establish a defined decision matrix for escalations to partner organizations. You will collaborate with partner teams to reduce event volume, increase event fidelity, and engineer detections for new threats and risks. You will also support the development and maintenance of innovative training programs to upskill cybersecurity operations professionals for Azure cloud operations and act as a representative for cloud-related operations in audits or regulatory examinations.

Key Responsibilities

• Investigate security events and incidents within cloud environments, utilizing advanced tools and techniques to identify threats and vulnerabilities.
• Design and implement comprehensive workflows for handling security events, ensuring timely and effective response procedures.
• Collaborate with cross-functional teams to develop and refine security policies, procedures, and best practices tailored to Azure cloud security operations.
• Provide guidance and mentorship to junior team members, fostering their professional development and enhancing overall team capabilities.
• Stay abreast of emerging threats, vulnerabilities, and industry trends, continually updating skills and knowledge to maintain expertise in cloud security.

Qualifications

• Extensive experience (7+ years) in cybersecurity operations, with a focus on Azure.
• Proven expertise in investigating security events and incidents within cloud environments, demonstrating strong analytical and problem-solving skills.
• Solid understanding of regulatory compliance requirements, particularly in highly regulated industries (e.g., healthcare, finance, government).
• Experience in designing and implementing workflows for security event investigation and response.
• Strong communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams and mentor junior team members.
• Ability to thrive in a fast-paced environment, managing multiple priorities and deadlines effectively.

Required Skills

• Understanding of Azure and its associated technologies, both from Security and Cloud Ops perspective.
• 8+ years relevant Cyber Security experience with at least five (5) years in Cloud SOC and/or Purple Team roles.
• Experience designing and implementing technical solutions to enhance visibility, alerting capabilities, and reduce risk within Cloud IaaS, PaaS, and M365 environments.
• Experience reviewing applications, infrastructure, and architectural designs to identify threats and vulnerabilities.
• Experience with a range of Azure native services and tools.
• Experience writing and modifying Analytic Rules.
• Experience designing and implementing SOAR capabilities within Azure.
• Deep understanding of Cyber Security control environments and their relationship to zero-trust networks.
• Understanding of Terraform.
• Understanding of threat frameworks, such as MITRE ATT&CK for Cloud and D3FEND.
• Understanding of Risk Management principles.
• Experience in building, configuring, operating and/or securing cloud infrastructure and applications in Azure with either native cloud service provider capabilities or 3rd party vendor tools.
• Proven ability to leverage Azure native capabilities to build custom reports and dashboards.
• Ability to independently assess risks and identify vulnerabilities in infrastructure with an eagerness to suggest new processes, policies, and overall improvements to internal security controls.
• Ability to perform root cause analyses.
• Experience partnering with incident response teams, threat intelligence researchers, Red/Purple teams, and/or HUNT researchers.
• Ability to support 24x7x365 global support through rotational on-call.
• Highly organized and motivated self-starter who can deliver results with minimal direction.
• Ability to navigate and collaborate effectively within a geographically complex and dispersed global corporation.
• Excellent verbal and written communication skills with ability to distill key data points and effectively present information.

Preferred Certifications

• AZ-500: Azure Security Engineer Associate
• CISSP
• CISM

Seniority level

• Mid-Senior level

Employment type

• Full-time

Job function

• Management and Manufacturing
• Industries: Banking

Referrals increase your chances of interviewing at Bank of America by 2x

#J-18808-Ljbffr

---