Ref: a0M1i00000PDfVwEAL_1651171790

Cloud SecOps Analyst

USA, New York

Job description

Cloud SecOps Analyst


*Act as a subject matter expert on Cloud cyber risks for AAD and M365.
*Designing, implementing, and participating in the incident response processes specific to AAD and M365 deployments.
*Implement security monitoring, including logging aggregation, correlation, and real-time alerting of security events and incidents.
*Provide threat modeling and risk assessment services to characterize the risk and severity posture of AAD and M365 deployments.
*Validate that system design/architecture meets compliance requirements.
*Run Cloud Continuous Monitoring reporting/metrics governing all security. compliance/hygiene issues/security best practices across the AAD/M365 ecosystem.
*Recommending and implementing security/compliance features to M365 tenants.
*Effectively articulate technical security specifications, requirements, etc. through written and verbal communications to both technical and non-technical partners.
*Identify opportunities to automate and standardize information security controls and for the supported groups.
*Resolve any vulnerabilities or issues detected in an application or infrastructure.
*Analyze source code to mitigate identified weaknesses and vulnerabilities within the system.
*Review and validate automated testing results and prioritize actions that resolve issues based on overall risk.
*Scan and analyze applications with automated tools, and perform manual testing if necessary.
*Reduce risk by analyzing the root cause of issues, their impact, and required corrective actions.
*Direct the development and delivery of secure solutions by coordinating with business and technical contacts.
*Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.