Job Posting Title

Senior Cloud Security Analyst (VP)

Who are we looking for

An experienced security professional with deep expertise in cloud security. The senior analyst will be responsible for designing and implementing critical capabilities and security controls around cloud infrastructure and applications. Success in this role will require deep expertise and a passion for continued learning, as well as an in-depth understanding of security operations.

What will you be responsible for

• Ensuring the security of State Street by delivering exceptional detection and response capabilities in public cloud environments
• Partnering across our Cyber Fusion Center to define required capabilities and controls in cloud environments, including for threat detection, incident response, and threat hunting
• Designing and implementing specific capabilities or controls for cloud infrastructure (IaaS) and apps (SaaS)
• Evaluating existing cloud environments against baseline requirements for capabilities and controls
• Providing cloud platform expertise to support threat detection in cloud environments, for example adding context around platform-specific concerns or capabilities
• Educating key operational teams on security operations in cloud environments, in particular incident response techniques for relevant cloud platforms
• Assessing cloud detection and IR capabilities through practical exercises and tabletops, to include assessment of additional skills or capability needs
• Representing the Cyber Fusion Center on strategic cloud projects, providing input and assistance around threat detection, incident response, and other operational security concerns
• Overseeing the work of junior team members and contributing to their professional development

What we value

• Deep expertise in cloud security, including the design, implementation, and operation of security controls
• Experience developing and deploying tools and capabilities which enable threat detection or response
• Significant experience securing AWS, and preferably at least one other cloud infrastructure platform
• Strong foundational security knowledge, with specific expertise in threat detection, incident response, threat hunting, or similar
• Understanding of current security threats and other challenges, as well as frameworks like MITRE ATT&CK
• Familiarity with common enterprise security tools, specifically SIEM, EDR, and NSM tools
• Experience with scripting, system integration, and light development (e.g., Python, PowerShell, other scripting)
• Experience managing technology projects including solution design, deployment, and enhancement
• Exceptional communication and presentation skills (verbal and written), a collaborative approach, and ability to build partnerships with diverse stakeholders
• A track record of succeeding in distributed, international teams

Education & Preferred Qualifications

• This is a role for an experienced security professional, expected to have 7+ years of relevant security experience
• Qualified candidates will have direct experience securing cloud infrastructure in AWS, and preferably at least one other cloud platform
• A degree is not required for this role, but a qualification in information security or information systems may be beneficial
• Experience developing and delivering technical training would be beneficial
• Security certifications may be beneficial (e.g., CSA Certificate of Cloud Security Knowledge, CISSP, CISM, relevant cloud certifications), or certifications from key cloud providers
• Experience in financial services may be beneficial, or experience of leading technical teams

Additional Requirements

• This role may be filled in Ireland (Dublin or Kilkenny preferred, or remote) or United States (MA preferred, or remote)
• This is primarily a strategic role rather than operational, however occasional participation in an on-call rotation may be required to support relevant work by other teams