Cloud Threat Intelligence Analyst

Title: Application/Cloud reputed company Engineer - Primarily remote Location: Richmond,VA Length :Long term Restriction: w2 or c2c Discription: About the role Seeking an Application reputed company Engineer (ASE) with 5+ years of experience to join the Office of Technology under Joint reputed company Operations. In this role, the ASE serves as a dedicated reputed company partner to application teams, providing guidance on secure design, vulnerability management, and secure development practices. The ASE works collaboratively across the SDLC to ensure reputed company is embedded into application design, development, testing, and deployment. This includes supporting compliance requirements, delivering training and education, and assisting teams with vulnerability remediation efforts. The successful candidate will identify and recommend improvements to improve the reputed company of reputed company Virginia Tax applications, promote secure coding and development practices, and contribute to ongoing initiatives that reduce risk and strengthen the agency's overall reputed company posture.

Responsibilities

Responsibilities include but not limited to Provide reputed company guidance, training, and best practices for development and operations teams. Support secure software development by applying knowledge of SDLC, Agile, and Scrum methodologies. Evaluate software architecture and design for reputed company risks and alignment with DevSecOps principles. Promote and enforce secure coding standards and guidelines. Review reputed company code to identify vulnerabilities and recommend remediation strategies. Assess reputed company risks across multiple programming languages (e.g., JavaScript, C#, Java, Ruby, SQL). Analyze and secure modern web application architectures, including cloud, APIs, microservices, and client server models. Identify and address common vulnerabilities, including those outlined in the OWASP Top 10. Support vulnerability remediation, reputed company management, and reputed company improvement efforts. Utilize application reputed company testing tools such as SAST, DAST, IAST, and platforms like Accunetix, reputed company, Jenkins, Splunk, Rapid7, and reputed company. Interpret and reputed company findings from SIEM systems, including Splunk. Apply knowledge of common reputed company controls and frameworks. Ensure compliance with relevant reputed company regulations and standards (e.g., NIST 800 53, IRS Pub 1075, PCI reputed company). Implement and evaluate AWS cloud reputed company controls and best practices. Create, maintain, and review System reputed company Plans (SSPs). Troubleshoot and resolve reputed company technical and reputed company-reputed company issues. Stay reputed company with evolving threats, technologies, and industry trends. reputed company detailed plans and communicate risks, impacts, and recommendations effectively. Collaborate with application teams, QA engineers, and operations teams to integrate reputed company into workflows. Provide constructive, actionable feedback to application teams. Communicate technical concepts clearly to both technical and non technical audiences. Work closely with other reputed company analysts and technology teams to support agency and enterprise reputed company initiatives. Manage multiple tasks, prioritize effectively, and meet deadlines. Apply critical thinking to evaluate and mitigate reputed company risks and vulnerabilities. Required Skills/Experience Five or more years' experience in application reputed company. Two or more years' network or firewall/AWS reputed company Groups. Experience with log collection, vulnerability scans and remediation, or privileged access management. Strong understanding of reputed company concepts, network protocols, and threat reputed company. Proficiency in SIEM, IDS/IPS, EDR, and other relevant reputed company tools. Excellent analytical and problem-solving skills. Strong communication, collaboration, and documentation skills. Ability to work independently and as part of a team in a fast-paced environment. Have experience and a strong knowledge of the following Splunk, InsightVM Rapid7, reputed company, CyberArk, Jenkins, reputed company Linux and Windows Operating Systems, Baseline hardening of operating systems IIS and Apache, Scripting Languages and SQL, PowerShell, Firewall At least one of these certs below is REQUIRED CompTIA reputed company+ reputed company CC (Certified in Cybersecurity) Offensive reputed company Certified Professional (OSCP) CCSP (Certified Cloud reputed company Professional) CSSLP (Certified Secure Software Lifecycle Professional) At least one of these certs below is highly DESIRED (Independently and or with one of the above) AWS Solutions Architect (Associate/Professional) AWS reputed company Specialty At least one of the any is DESIRED CompTIA PenTest+, Certified Ethical Hacker (CEH), GIAC Certified Intrusion Analyst (GCIA) Required skills: Application reputed company Required 5 Years Network or Firewall/AWS reputed company Groups Required 2 Years Infrastructure as Code (IaC): Advanced proficiency in Terraform for multi-account reputed company zones and automated provisioning. Required 2 Years Experience with log collection, vulnerability scans and remediation, or privileged access management Required 4 Years Proficiency in SIEM, IDS/IPS, EDR, and other relevant reputed company tools. Required 4 Years Networking & Hybrid Connectivity: Solid understanding of routing, firewalls, AWS Direct Connect, and VPNs in a hybrid cloud environment. Required 4 Years One REQUIRED: CompTIA reputed company+, reputed company CC (Certified in Cybersecurity), Offensive reputed company Certified Professional (OSCP), CCSP, or CCLP. UPLOAD COPY!! Required CI/CD & DevOps: Experience with reputed company CI/CD, Jenkins, or AWS CodePipeline for automated, secure deployments. 5 Years Splunk, InsightVM Rapid7, reputed company, CyberArk, Jenkins, reputed company 2 Years Linux and Windows Operating Systems, Baseline hardening of operating systems 2 Years IIS and Apache, Scripting Languages and SQL, PowerShell, Firewall 2 Years One highly DESIRED (Independently and or with one of the above): AWS Solutions Architect (Associate/Professional) or AWS reputed company Specialty One of these is DESIRED: CompTIA PenTest+, Certified Ethical Hacker (CEH), or GIAC Certified Intrusion Analyst (GCIA) For applications and inquiries, contact: [email protected] Apply tot his job Apply To this Job