Senior Cyber Security Analyst - Tribute

Security Operations & Defense

• Monitor networks, systems, and cloud services for threats, vulnerabilities, and anomalous activities.
• Lead vulnerability management efforts, including scanning, reporting, and remediation tracking.
• Support incident response lifecycle—detection, containment, analysis, recovery, and lessons learned.
• Maintain and tune security tools (SIEM, VM, EDR, CSPM, CWPP, Email Security) for effective detection.
• Contribute to risk assessments and compliance activities (PCI, SOC 2, ISO, GDPR).
  
  

• Design and enforce secure cloud configurations across AWS/Azure/GCP, following CIS benchmarks and industry standards.
• Collaborate with DevOps teams to embed security controls into CI/CD pipelines, including IaC scanning, container security, and automated code analysis.
• Implement policy-as-code and security guardrails to prevent misconfigurations and enforce least privilege.
• Engineer solutions for identity security, secrets management, and encryption across cloud workloads.
• Partner with developers and architects to provide secure design reviews and proactive risk mitigation.
  
  

• Act as a security advisor for engineering and product teams, providing guidance on secure development practices.
• Mentor junior analysts and engineers on both operational defense and engineering practices.
• Prepare and present security metrics, reports, and risk insights to leadership.
  
  

• 7+ years of cybersecurity experience with exposure to both security operations and security engineering.
• Proven expertise in cloud security (AWS, Azure, or GCP), including IAM, WAF, container/Kubernetes, and workload protection.
• Strong experience with security automation and scripting (Python, PowerShell, or Bash).
• Familiarity with DevSecOps tools and processes.
• Knowledge of security frameworks and compliance standards (NIST, ISO 27001, PCI DSS).
• Experience with MDR/EDR solutions.
• Excellent communication skills for working with both technical and business stakeholders.
• Continuous learner who stays ahead of emerging cloud threats and modern security practices.