Job description

Our client, a rapidly growing financial services firm, is seeking a highly skilled Senior Information Security Analyst specializing in Cloud Security to join their dynamic team in **Nashville, Tennessee, US**. This role is crucial for safeguarding the organization's digital assets, cloud infrastructure, and sensitive data against evolving cyber threats. The ideal candidate will possess extensive experience in cloud security principles, threat detection, incident response, and security architecture for major cloud platforms (AWS, Azure, GCP). Responsibilities: Design, implement, and manage cloud security solutions across AWS, Azure, and/or GCP environments. Develop and enforce cloud security policies, standards, and procedures. Monitor cloud environments for security threats, vulnerabilities, and suspicious activities. Conduct security assessments, penetration testing, and vulnerability management for cloud infrastructure. Develop and execute incident response plans for cloud-related security breaches. Implement and manage security tools such as firewalls, intrusion detection/prevention systems (IDPS), SIEM, and endpoint protection. Collaborate with IT and development teams to ensure secure application development and deployment in the cloud (DevSecOps). Perform security reviews of cloud configurations and architectures. Stay abreast of the latest cloud security threats, vulnerabilities, and mitigation strategies. Provide security awareness training to employees. Develop and maintain security documentation and reports. Participate in compliance audits (e.g., SOC 2, PCI DSS, HIPAA) related to cloud security. On-call rotation may be required for incident response. Qualifications: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Master's degree preferred. 5-7+ years of experience in information security, with a strong focus on cloud security. Proven experience securing cloud environments (AWS, Azure, GCP). In-depth knowledge of cloud security best practices, frameworks (e.g., NIST, CIS), and compliance requirements. Hands-on experience with cloud security tools and services (e.g., Security Groups, IAM, WAF, KMS, Azure Security Center, Google Cloud Security Command Center). Proficiency in scripting languages (e.g., Python, PowerShell) for automation is a plus. Experience with SIEM tools (e.g., Splunk, QRadar) and incident response procedures. Strong understanding of networking protocols, firewalls, and intrusion detection systems. Relevant security certifications such as CISSP, CCSP, AWS Certified Security - Specialty, Azure Security Engineer Associate are highly desirable. Excellent analytical, problem-solving, and communication skills. Ability to work effectively both independently and as part of a team. This hybrid role offers the opportunity to work both remotely and from our modern office in **Nashville, Tennessee, US**, contributing to the robust security posture of a leading financial institution.

Requirements