Intermediate Cyber Security Analyst, Cloud Operations - 2800

Intermediate Cyber Security Analyst, Cloud Operations - 2800

Duration: 6 months (possibility of extension)

Location: Hybrid (Markham - 3 days a week)

We are looking for a Cloud Operations Analyst with a strong cybersecurity background to join our growing cloud team. This role will focus on designing, implementing, and securing cloud infrastructure and applications, with a particular emphasis on Cloud-Native Application Protection Platforms (CNAPP). You will work closely with Networking, Vulnerability Management, and Engineering teams to ensure our cloud environments are secure, compliant, and resilient.

Responsibilities:

• Design and operate secure, scalable, and resilient cloud security processes on platforms such as AWS and Azure.

• Integrate and manage CNAPP solutions (e.g., AWS SecurityHub, Lacework, Wiz, Orca security) to provide visibility and protection across the cloud-native stack.

• Implement and maintain cloud security controls, including identity and access management (IAM), reporting and incident response processes, and security groups.

• Automate security and compliance checks using policy tooling, scanners, and integrated telemetry pipelines.

• Monitor and respond to cloud cybersecurity incidents, vulnerabilities, and misconfigurations.

• Collaborate with other Cybersecurity teams on projects and initiatives, providing expertise in the relevant field.

• Conduct regular cloud cybersecurity assessments, threat modeling, and risk analysis.

• Stay current with evolving cloud cybersecurity threats, tools, and best practices.

Must Haves:

• 3+ years of experience in cloud operations with a strong focus on cybersecurity.

• Hands-on experience with at least one major cloud provider (AWS, Azure, or GCP).

• Experience with CNAPP platforms and cloud security posture management (CSPM).

• Proficiency in scripting, automation, usage of APIs (e.g., Python, Bash, PowerShell).

• Familiarity with cloud-hosted instances such as containers (e.g., Docker, Kubernetes).

• Strong understanding of cloud networking, IAM, encryption, and compliance frameworks (e.g., NIST, CIS, ISO 27001).

Nice to Have:

• Insurance industry specific background would be an asset

Key Tools and Useful Skills:

• AWS Security Hub, S3, and Cloudtrail

• Azure Sentinel / Crowdstrike EDR

• Tanium Threat Intelligence

• Atlassian JIRA, Confluence

• ServiceNow / Assyst Ticketing

• FortiSOAR, Rapid7, or similar SIEM/Log Ingestion tools

• API usage and manipulation via IDE (VSCode, PyCharms, etc.)

Education

• Cybersecurity-related Degree or Equivalent Experience

Tools:

• SIEM, EDR, Vulnerability Management, DLP, Endpoint Management Solution