FT Cloud Security Analyst

Summary
The Cloud Security Analyst is a member of the Network Services team responsible for securing the colleges cloud infrastructure, applications, and data. This position focuses on protecting systems within Microsoft 365, Azure, and other cloud-based platforms, ensuring the confidentiality, integrity, and availability of institutional information. The Cloud Security Analyst works collaboratively with infrastructure, application, and support teams to implement security best practices, respond to incidents, and maintain compliance with regulatory requirements. Essential Duties and Responsibilities include the following.

Essential Duties and Responsibilities include the following:

• Monitor cloud environments for security threats, vulnerabilities, and suspicious activity.
• Manage and distribute Windows Updates to the colleges computers, laptops, and servers.
• Respond promptly to security incidents, alerts, and service requests related to cloud platforms and applications.
• Investigate, analyze, and remediate security incidents including phishing, account compromise, malware, and unauthorized access attempts.
• Manage the colleges Managed Detection and Response (MDR) and Endpoint Detection and Response (EDR) platforms, including monitoring alerts, investigating suspicious activity, coordinating incident response efforts, tuning detection rules to reduce false positives, and ensuring endpoints remain compliant with established security standards.
• Conduct ongoing risk assessments of cloud and on-premises systems to identify security gaps, evaluate potential threats and vulnerabilities, document risk findings, and develop mitigation strategies aligned with institutional policies and industry security frameworks.
• Administer and maintain security configurations within the colleges cloud infrastructure.
• Configure and manage identity and access controls including Azure Active Directory, multi-factor authentication (MFA), conditional access policies, and role-based access controls (RBAC).
• Implement and monitor Advanced Threat Protection, Defender for Office 365, and related Microsoft security solutions.
• Conduct vulnerability assessments and coordinate remediation efforts for cloud systems and applications.
• Develop, maintain, and update cloud security governance documentation, standards, and procedures.
• Ensure compliance with FERPA, HIPAA (as applicable), PCI-DSS, and other regulatory or accreditation requirements impacting higher education.
• Perform risk assessments for new cloud technologies and services prior to implementation.
• Collaborate with other IT teams, including infrastructure and application support, to secure hybrid and on-premises integrations.
• Maintain up-to-date documentation of cloud configurations, security controls, incident response procedures, and continuity plans.
• Develop and maintain scripts (e.g., PowerShell) to automate security tasks, reporting, and monitoring within the cloud environment.
• Analyze email security trends including SPAM, PHISHING, and spoofing attempts and implementing remediation measures.
• Manage security logging, auditing, and reporting within SIEM or cloud-native monitoring platforms.
• Assist in the development and testing of disaster recovery and business continuity procedures related to cloud services.
• Assist with training and guidance to IT staff and end users regarding secure cloud usage and security awareness best practices.
• Schedule and maintain backups for areas of responsibility and verify data recovery processes.
• Enter and clears service requests in the colleges helpdesk system.
• Maintains a continuity binder related to each assigned system.
• Works closely with outside vendors and agencies for technical support and security assessments.
• Performs periodic weekend and after hour work.
• Responds to after-hour calls, as needed.
• Performs other job-related duties as assigned in support of the College's goals and core values.

Education Minimum:

Associate degree in Cybersecurity, Information Technology, Computer Science, or related field.

Experience Minimum:

• 25 years of experience in cybersecurity or cloud security
• Hands-on experience with AWS, Azure, or other security services
• Experience with SIEM, IDS/IPS, endpoint protection, and vulnerability management tools

Required Skills:

• Knowledge of cloud networking and architecture
• Understanding of encryption, firewalls, VPNs, and zero-trust security
• Experience with security frameworks and compliance standards
• Knowledge of Microsoft Security using Active Directory, Azure AD (Active Directory), and Office 365 Online groups.
• Knowledge of Windows Operating Systems, Microsoft SQL, Microsoft IIS, Microsoft Internet Explorer, and network concepts.
• Experience in the development of technical and user documentation.
• Basic scripting and development skills using PowerShell.
• Demonstrated focus on customer service skills and ability to communicate clearly and effectively to a wide variety of audiences.
• Ability to multi-task and set priorities within tight timelines and high client expectations.
• Strong analytical, project management, customer service, and team-oriented interpersonal skills.
• Critical thinking and problem determination skills.
• Strong computer skills including proficiency with Microsoft Word, Excel, PowerPoint, Outlook, and web-browsers.
• Ability to identify deficient processes/procedures and assist in the development and implementation of solutions.
• Ability to maintain an elevated level of confidentiality.

• Ability to read and interpret documents such as safety rules, operating and maintenance instructions, and procedure manuals.
• Ability to draft routine reports and correspondence.
• Ability to speak effectively before groups of customers or employees of the organization.

• Ability to add, subtract, multiply, and divide in all units of measure, using whole numbers, common fractions, and decimals.
• Ability to compute rate, ratio, and percent and to draw and interpret bar graphs.