Cloud Cyber Security Analyst (Data Protection/DevOps)Location: This position will work a hybrid model (remote & office). The ideal candidate will live within 50 miles of one of our Elevance Health PulsePoint locations.The Cloud Cyber Security Analyst (Data Protection/DevOps) is responsible for providing services in support of data protection controls as part of the data protection monitoring services component of Elevance Health’s various programs that operate both on premises and in various cloud platforms. This role reports under the Operations/DevOps function within Cyber Security Threat Management. A successful candidate will be experienced in business automation processes to include scripting and utilizing automated utilities to enable security controls and administer infrastructure and applications.How You Will Make An Impact:
Configuring virtual [Linux] servers, AWS, GCP & Azure resources to complete database activity compliance.
Troubleshoot, diagnose, and resolve DAM tool related errors, vendor software bugs, and/or functionality issues across a multi-cloud environment.
Work with Elevance Health Cloud teams to set-up, resolve issues with or cover DAM requirements with cloud native resources.
Assists in the development of automation and process improvement procedures.
Track and report metrics associated with DAM technology tools.
Perform Agile communication across a multiple cloud platform environment & support cloud platform resources and functionalities with Elevance Health teams and external resources
Provides trouble resolution on complex problems and leads implementations for system and network security technologies.
Perform DAM software installation & upgrade to latest versions, including a good understanding of a broad range of database configurations.
Develops testing plans to ensure quality of implementation.
Coordinates and prepares the reporting of data security events and incidents; provides system and network architecture support for information and network security technologies.
Provides technical support to business and technology associates in risk assessments and implementation of appropriate information security procedures, standards and technologies.
Represents major upgrades and reconfigurations in change control; design & analyze mix of vendor services meeting business and information security requirements; maintains relationship with key vendors.
Leads lights on initiatives to consolidate equipment and/or implement business relocations; determine and perform complex configuration changes to meet business and information security requirements.
Recommend and implement capacity increases; serve as the technical escalation for results of preventative maintenance routines.
Minimum Requirements:
Requires a bachelor’s degree or equivalent combination of education and experience that would provide the knowledge to perform such work.
Experience must include a minimum of 3 years experience in a support & operations or design & engineering role in any of the following areas: access management or network security technologies, servers, networks, Network communications, telecommunications, operating systems, middleware, disaster recovery, collaboration technologies, hardware/software support or other infrastructure services role; or any combination of education and experience, which would provide an equivalent background.
Requires experience providing top-tier support for 3 or more of the information security technology areas: 1) Access Control, 2) Application Security, 3) Business Continuity and Disaster Recovery Planning, 4) Cryptography, 5) Information Security and Risk Management 6) Legal, Regulations, 7) Compliance and Investigations, 8) Operations Security, 9) Physical (Environmental) Security, 10) Security Architecture and Design, 11) Telecommunications and Network Security.
Preferred Skills, Capabilities & Experiences:
Technical security certifications (e.g. Systems Security Certified Practitioner) strongly preferred.
BA/BS degree in Information System and Computer Science or related field of study strongly preferred.
Understanding of CI/CD pipelines is a plus.
Knowledge of Multi-cloud life cycle management and maintenance planning is preferred.
General knowledge of engineering concepts of cloud platforms (e.g. AWS, GCP, Azure, GovCloud, OCI & DISA cloud) is a plus.
Working knowledge of the following is preferred: Vulnerability Management, Capacity Analysis, Performance Monitoring and Cloud Infrastructure Rehydration.
Experience in providing analytical reports using tools from MS Office is a plus.
3 years' cloud experience (DISA Cloud, DoD/Government Cloud, AWS, GCP, Azure certifications) is helpful.
Knowledge of scripting in various languages (JSON, YAML, Terraform, BASH, PowerShell) is a plus.
Experience with Imperva SecureSphere (version 12+) or Guardium similar tools is preferred.
Experience with Symantec Data Loss Prevention (version 15.5+) or similar tools is preferred.
Experience with SONAR, CASB, Netskope or similar tools is a plus.
Experience with automation or scripting toolsets (e.g. Terraform, Ansible Automation Platform, Nagios, BigFix, etc.) is preferred.
