Security Analyst - Level 2

Security Analyst | Full Time | Remote | Mid Level | Team 1,001-5,000

Location

Romania

Posted

7 days ago

Salary

0

Seniority

Mid Level

Job Description

Security Analyst - Level 2

Accesa

Role Description

You will be joining a team that operates as consultants and partners to our clients, helping them innovate their existing processes and tools. We are focused on efficiency, strong communication, and sustainable learning paths. You will have an impact on the project’s evolution and the chance to contribute your own ideas to build successful client relationships.

We are looking for a SOC Analyst - Level 2 with strong experience in deeper investigation, incident validation, response recommendations, targeted hunting, and hands-on guidance for the analysts around them. This is the escalation and deeper-investigation analyst lane. It is expected to take technically demanding cases further than the Level 1 lane, improve case quality across the team, and help shape practical service improvements. It is not a baseline architecture role, and it is not the default owner of recurring detection content or day-to-day platform administration. This role includes scheduled weekly on-call escalation coverage outside normal working or rota hours, according to the agreed service process.

Key Responsibilities

- Lead the investigation of higher-severity, ambiguous, or fast-moving incidents across available security telemetry and case evidence.
- Determine likely root cause, affected identities and assets, probable scope, and the next actions that matter most.
- Use targeted hunting and hypothesis-testing workflows to validate suspicious activity and uncover related activity that is not obvious from the initial alert.
- Produce clear investigation records and evidence-based response recommendations that support timely decision-making through the customer approval path.
- Support clear customer-facing incident handling by turning technical findings into usable evidence summaries and next-step recommendations within the defined case path.
- Review escalations from Level 1 analysts and help move difficult cases forward without unnecessary reinvention.
- Provide scheduled weekly on-call escalation support according to the agreed service process.
- Identify visibility gaps, weak alert context, and recurring investigative friction that should feed into detection tuning, playbook refinement, or workflow improvement.
- Propose practical automation ideas where repetitive investigation work can be made faster or more consistent.
- Support the technical growth of other analysts through case guidance, review, and operationally useful feedback.

Qualifications

- Strong hands-on experience in SOC, MDR, or incident-response work.
- Practical depth in investigation across endpoint, identity, email, cloud, network, and case evidence.
- Strong analytical skills for investigation, hunting, and validating suspicious activity.
- Ability to assess scope, impact, and urgency in higher-severity cases.
- Ability to produce evidence-based recommendations and clear escalation or response records.
- Strong written and verbal communication in English.
- Ability to guide Level 1 analysts through technically difficult casework.
- Willingness and ability to participate in weekly on-call escalation coverage.
- Responsible AI literacy, including the ability to use approved AI-assisted workflows cautiously, validate outputs against source evidence, avoid entering customer-sensitive data into unapproved or public AI tools, and avoid treating AI output as evidence, approval, or authority.
- Ability to challenge weak AI-assisted analysis from others when it skips evidence validation, creates false confidence, or exceeds the approved operating model.

Soft Skills

- Consultative Approach: Ability to explain technical risks to non-technical business stakeholders.
- Communication: Excellent written and verbal communication in English (German is a strong plus).
- Proactive Mindset: A history of self-driven learning (e.g., setting up a home lab, following security researchers).

Nice to Have

- 3-5+ years of relevant experience in cybersecurity operations, incident response, or MDR delivery.
- Hands-on exposure to Microsoft Sentinel, Microsoft Defender XDR, Cortex XSOAR, Elastic Security, Vectra NDR, or similar security operations platforms.
- Strong KQL or equivalent query-language experience for investigation and hunting.
- Experience with Logic Apps, SOAR workflows, or operational automation.
- Familiarity with ATT&CK-style analysis and coverage discussions.
- PowerShell or similar scripting experience for investigation support or workflow improvement.
- Microsoft SC-200, SC-100, AZ-500, or similar operational security certifications.
- German would be an advantage.

Benefits

- Enjoy our holistic benefits program that covers the four pillars that we believe come together to support our wellbeing, covering social, physical, emotional wellbeing, as well as work-life fusion.
- Physical Wellbeing: Our wellbeing program includes medical benefits, gym support, and personalised fitness options for an active lifestyle, complemented by team events and the Healthy Habits Club.
- Work-Life Fusion: In very dynamic industries such as IT, the line between our professional and personal lives can quickly become blurred. Having a one-size-fits-one approach gives us the flexibility to define the work-life dynamic that works for us.
- Emotional Wellbeing: We believe that to maintain our overall health, we need to invest in our mental wellbeing just as much as we do in our physical health, social connections or in achieving work-life balance.
- Social Wellbeing: As a growing community in a hybrid environment, we want to ensure we remain connected not just by the great work we do every day but through our passions and interests.

Related Job Pages

More Security Analyst Jobs

Cyber Security Analyst

CallTek

Your White Label Enterprise Support Company.

Full Time | Remote | Team 5,001-10,000 | Since 2008 | H1B No Sponsor

• Investigate security alerts escalated by SOC Level 1 analysts.
• Perform deeper analysis of suspicious activity across SIEM, EDR, network, identity, cloud, and email security platforms.
• Validate whether security events represent false positives, suspicious behavior, policy violations, or confirmed cybersecurity incidents.
• Correlate events across multiple log sources to identify attack patterns, affected assets, compromised accounts, lateral movement, malware activity, or unauthorized access.
• Determine the scope, severity, business impact, and urgency of security incidents.
• Recommend containment, eradication, and remediation actions to the appropriate technical teams.
• Create and maintain accurate incident timelines, investigation notes, evidence records, and escalation summaries.
• Support phishing investigations, endpoint compromise analysis, suspicious login reviews, malware alerts, brute-force attacks, data exfiltration indicators, and cloud security events.
• Review and improve SOC playbooks, investigation procedures, and escalation criteria.
• Provide technical guidance, coaching, and feedback to SOC Level 1 analysts.
• Identify recurring false positives and recommend tuning improvements for SIEM, EDR, and other detection platforms.
• Participate in post-incident reviews and provide recommendations to improve detection, response, and prevention.
• Support shift handovers by documenting open incidents, pending actions, and important operation contexts.

Philippines

Cloud Security Analyst - Information Technology

Commonwealth of Virginia

The Commonwealth of Virginia is a state in the South Atlantic region of the United States that stretches from the Appalachian Mountains to the Chesapeake Bay. W

Cloud Security Analyst - Information Technology - ID 20001876 - Harrisonburg, Virginia, United States - Information Technology - Information Technology - Full-Time (Salaried) - James Madison University

Position Type: Full-time Staff (Classified)
Position Status: Full-Time
FLSA Status: Exempt: Not Eligible for Overtime
College/Division: Information Technology
Department: 100755 - IT - Reengineering Madison EG
Pay Band: 5
Pay Rate: Pay Range
Specify Range or Amount: $75,000 - $80,000
Is this a JMU only position? No
Is this a grant-funded position? No
Is this a Conflict of Interest designated position? No

About JMU:

At James Madison University (JMU), we’re more than just a publicly funded institution — we’re a vibrant, welcoming community located on a stunning campus where innovation, collaboration, and personal growth thrive. Our mission is to prepare students for a bright future, and we believe that starts with supporting the people who make it all possible: our employees.

Why Work at JMU?

We offer a comprehensive benefits package designed to support your professional journey and personal wellbeing:

• Generous Leave: Enjoy paid vacation, sick leave, parental leave, community service leave, and 19 paid holidays annually.
• Comprehensive Health Coverage: Access high-quality health insurance options that fit your needs.
• Retirement Options: Plan for your future with retirement benefits through the Virginia Retirement System.
• Employee Well-Being: Our Balanced Dukes program promotes wellness and work-life integration through resources, events, and support.
• Tuition Waiver Program: Advance your education with our tuition waiver program for undergraduate and graduate courses taken at JMU.

At JMU, we believe in Being the Change — and that starts with creating an environment where you can grow, contribute meaningfully, and feel supported every step of the way. Discover what makes JMU a great place to work: bit.ly/JMUEmployment

General Information:

We’re seeking an experienced Cloud Security Analyst to assess, monitor, and improve the security configuration and risk posture of our cloud applications and environments. This role will work closely within IT and across campus to help the university ensure compliance with security best practices, regulatory requirements, and internal policies. The ideal candidate has a strong understanding of cloud-based environments, security frameworks, and risk assessment methodologies. This position is eligible for a remote or hybrid work schedule.

Duties and Responsibilities:

• Evaluate the security configuration, access controls, and risk posture of cloud environments (SaaS, PaaS) used across the university.
• Implement and maintain continuous monitoring processes to detect misconfigurations, access anomalies, and potential security threats.
• Assist with audits and security reviews by providing necessary documentation and technical insights.
• Work within IT and with business stakeholders to integrate security controls into cloud solutions during the implementation phase and ongoing governance processes.
• Stay up to date with emerging security threats, trends, and regulatory changes to enhance the security posture of the university.
• Conduct security assessments, gap analyses, and risk evaluations for new and existing cloud environments.
• Establish and document security requirements and best practices for cloud application onboarding, configuration, and lifecycle management.
• Work to automate processes to streamline and work more efficiently as we continue to grow.
• Collaborate and build relationships with multiple teams throughout the university.
• Influence internal security strategy, develop and execute security initiatives to meet our objectives, and help define the criteria and measurements that we use to assess our progress.

Qualifications:

• Professional experience in two or more of the following areas:
• SaaS application configuration management
• PaaS application configuration management
• Identity, authentication, and access management
• Working knowledge of compliance standards and risk mitigation
• Experience securing key enterprise systems, including solutions like: Salesforce CRM, Oracle Cloud, Okta, Boomi, M365, AWS, Azure and Netskope.
• Strong problem-solving abilities
• Experience working with remote teams
• Demonstrated proficiency in working with cross-functional teams

Additional Considerations:

• Proven experience in cloud application integration and secure configuration management
• Experience working in organizations that develop software and / or operate managed infrastructure and technology services for their own customers
• Experience working in organizations that develop and operate Software as a Service
• Familiarity with implementing industry-established benchmarks such as CIS Benchmarks

Additional Posting Information:

Conditions of Employment: Employment is contingent upon the successful completion of a criminal background check.

E-Verify Notice: After accepting employment, new hires are required to complete an I-9 form and present documentation of their identity and eligibility to work in the United States. James Madison University uses the E-Verify system to confirm identity and work authorization.

EEO Statement: James Madison University is committed to creating and supporting a diverse and inclusive work and educational community that is free of all forms of discrimination. This institution does not tolerate discrimination or harassment on the basis of age, color, disability, gender identity or expression, genetic information, national origin, parental status, political affiliation, race, religion, sex, sexual orientation or veteran status. We promote access, inclusion and diversity for all students, faculty, staff, constituents and programs, believing that these qualities are foundational components of an outstanding education in keeping with our mission. The university is interested in candidates whose experience and qualifications support an ongoing commitment to this core quality. Anyone having questions concerning discrimination should contact the Office for Equal Opportunity: (540) 568-6991.

Reasonable Accommodation: If you are an individual with a disability and need assistance searching or applying for jobs, please contact us at (540) 568-3597 or jobs@jmu.edu. You may also visit the JMU Human Resource Office, located at 752 Ott Street, Harrisonburg, VA 22807, and we will be happy to assist you.

Each agency within the Commonwealth of Virginia is dedicated to recruiting, supporting, and maintaining a competent and diverse work force. Equal Opportunity Employer

Virginia
$75K - $80K / year
Contract | Remote | Team 11-50 | Since 2002 | H1B No Sponsor

• Perform risk assessments, audit reviews, generate findings reports, and make appropriate recommendations for improvement and track outcomes from those activities for DES reporting requirements.
• Develop and formulate comprehensive reports detailing the findings, areas of non-compliance, required POA&Ms (Plan of Action and Milestones), environmental observations, and incident reports.
• Review, update, and manage security related audit plans, security plans and risk plan documentation for accuracy and consistency, proactively solves problems.
• Evaluate data and formulate comprehensive reports detailing the findings, areas of non-compliance, required action plans, and environmental observations.
• Generates incident reports and investigates suspicious network activity.
• Preparing audit documentation that supports audit results, drafting and editing audit findings to adhere to the standards and the agency's writing style.
• Research agency and industry IT security practices standards, best practices, laws and regulations, and other applicable resources, ensures compliance with standards

Arizona
$45 / hour
Job Closed

Information Security Analyst II

CSG

CSG delivers innovative customer engagement solutions that help you acquire, monetize, engage and retain customers.

Full Time | Remote | Team 5,001-10,000 | Since 1982 | H1B Sponsor

• Support the design, implementation, and continuous improvement of security controls, policies, and processes aligned with HITRUST requirements
• Maintain the HITRUST certification posture, supporting assessments, and ensuring controls remain effective and audit ready
• Collaborate closely with teams around the world
• Play a key role in demonstrating CSG’s security posture to auditors, customers, partners, and regulators
• Drive process improvements related to HITRUST compliance program, including control implementation and monitoring, assessment, evidence management and audit readiness

Brazil
Job Closed