Proficiency with creating CI/CD pipelines and stages with Harness using YAML templates. Kong plugin development using Lua or Go. Experience with Package Managers like LuaRocks. Experience with containerization (Docker), and orchestration tools (Kubernetes). Experience with cloud platforms such as AWS, Google Cloud, or Azure. Familiarity with monitoring and logging tools like Datadog and OpenTelemetry.
SOC Analyst
Location
United States
Posted
4 days ago
Salary
0
Seniority
Mid Level
No structured requirement data.
Job Description
SOC Analyst
Texas State Library and Archives Commision
Role Description The resource will be responsible for developing the State's Medicaid Data Warehouse system security plan, supporting audits, and third-party assessments. The resource will focus on ensuring the State's security posture meets compliance standards by actively participating in internal and external audits, reviewing third-party vendor security practices, and identifying potential risks to mitigate during assessments. - Create and maintain System Security Plans for the State of Nebraska's Data Warehouse. - Develop standard operating procedures, controls-related documentation, and other required security documents. - Prepare for audits: Gather necessary documentation, review security controls, and address any identified gaps before an audit occurs. - Collaborate with auditors: Provide access to systems and information, answer questions about security practices, and explain control implementation details. - Collaborate with the State team to prepare for audits and internal assessments. - Responding to audit findings: Analyzing audit results, developing remediation plans, and tracking progress on addressing identified issues. - Third-party vendor risk assessment: - Evaluating the security posture of third-party vendors by reviewing their security policies, procedures, and controls. - Identifying potential security risks associated with vendor relationships. - Communicate security concerns to vendors and work with them to implement necessary security improvements. Qualifications - Expertise in security frameworks, including NIST Cybersecurity Framework, NIST 800-53, and other industry standards such as ISO 27001, PCI DSS, and CIS Controls. - Experience in developing System Security Plans (SSPs) aligned with NIST guidelines. - Strong ability to identify, analyze, and prioritize security risks, along with a solid understanding of audit methodologies and compliance reporting requirements. - Broad understanding of network security, system administration, application security, vulnerability management, and data protection technologies. - Experience interpreting vulnerability assessment reports and remediating security findings. - Ability to effectively communicate security risks and recommendations to both technical and non-technical audiences, including leadership. - Minimum of seven years in IT security roles, with a preference for candidates who have held management or leadership positions. - Bachelor's degree in cybersecurity, computer science, information technology, or a related field.
Related Guides
Related Categories
Related Job Pages
More Security Analyst Jobs
• Provide support to the MARAD Information Assurance Program for operations, business and administrative in support of the System Authorization Process and deliverables. • Direct involvement with MARAD Program Office and the Information System Security Manager (ISSM) on cybersecurity and authority to operate (ATO) matters. • Manage MARAD’s Information System’s core documentation, in accordance with each phase of the system engineering process / System Development Life Cycle (SDLC). • Support creation/update of FIPS 199 Security Categorization document; ensure information type(s) and special considerations (if applicable) are defined. • Support creation/update security control selection listing. • Support creation/update System Security Plan (SSP). • Assist in security incident response, risk mitigation, and compliance reporting.
Senior Competitive Intelligence Analyst – Cloud Security
CrowdStrikeCrowdStrike has redefined security with the world’s most advanced cloud-native platform that protects and enables the people, processes and technologies that drive modern enterprise. Tested and proven, the world's largest organizations trust CrowdStrike to stop breaches with unparalleled protection against the most sophisticated cyberattacks. The CrowdStrike culture has been built upon our Core Values since the day we began. We are Fanatical About the Customer, Relentlessly Focused on Innovation and believe that our Limitless Passion drives Unlimited Potential for every CrowdStriker. As a purpose-built remote-first company, we believe cultivating a connected culture for every employee, no matter where they are in the world, is a key ingredient in building a high-performing, diverse team. We don’t have a mission statement. We’re on a mission—to stop breaches. Ready to join a mission that matters?
• Synthesize and formulate guidance from a variety of information levels and sources (technical, business, field, external) and regularly present key takeaways to the field and to senior leadership • Provide a field-actionable, in-depth and ever-evolving understanding and analysis of cloud security market relative to CrowdStrike solutions and capabilities • Provide tailored deal support (competitive surgeries & guidance), and develop a deep rapport with the field • Work closely with the rest of the Competitive Intelligence team at CrowdStrike, as well as other key stakeholders (including the office of the CTO, sales, product, and marketing teams), functioning as a primary liaison for cloud security competition which includes development of competitive support material and competitive readiness plans. • Make recommendations on sales tactics and product strategy to enable CrowdStrike to win in the market. • Be a self-starter with an ownership mentality. You will work autonomously in the development of project plans, requirements, timelines, content, and ongoing tracking/updates of the cloud competitive landscape. • Conduct win/loss analysis, using both quantitative and qualitative data source to determine why CrowdStrike wins and loses vs the competition.
Information Security Analyst
DidomiDidomi builds technology that allows organizations to place customer consent at the core of their strategy.
• Help maintain and improve our ISO 27001 management system, ensuring controls remain effective, documented, and continuously evidenced. • Contribute to internal audits, surveillance audits, and recertification cycles, including the upcoming unified audit covering Didomi and recently acquired business units. • Track corrective actions, nonconformities, and continuous improvement initiatives, supporting the security team in driving them to closure. • Carry out recurring activities on the security calendar in support of the security team, including vulnerability scanning campaigns, quarterly access reviews, risk assessments, business continuity tests, and policy review cycles. • Triage vulnerability findings from AWS GuardDuty, Inspector, and other sources, then work with the Security Manager to define remediation priorities and follow them through to closure. • Run periodic access reviews across critical systems (Google Workspace, AWS, Slack, JAMF, GitLab, GitHub, and internal applications), surfacing findings to the Security Manager and helping ensure they are remediated. • Contribute to the security team's reviews of new tools, vendors, and SaaS applications for security and compliance risks before adoption. • Help the security team assess and harden internal workflows, with a particular focus on identity, access management, MFA, SSO, and data handling. • Support the security team on security questionnaires, RFPs, and customer due diligence requests. • Support the security team on broader initiatives such as AI governance, SaaS governance, and integration of acquired entities into the ISO scope.
• Develop and enhance vulnerability scanning strategies to ensure comprehensive coverage • Conduct internal and external vulnerability assessments and validate scan results • Apply established vulnerability management standards to classify vulnerabilities • Categorize and prioritize assets according to criticality • Partner with EBTS teams to develop and execute vulnerability remediation plans • Track and report remediation activities • Analyze emerging cyber threats and assess potential impacts • Communicate current risk exposure and remediation efforts to senior leadership • Develop, maintain, and present vulnerability management metrics and executive reports • Create, update, and maintain policies, standards, procedures related to vulnerability management • Ensure security controls are operating effectively to satisfy audit and regulatory requirements • Assist in the development of a threat hunting program • Collaborate with internal teams to investigate, validate, and resolve vulnerability findings



