This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more.

Role Description

Tyto Athene is hiring a Security Analyst to join our team of cloud, cybersecurity, and compliance professionals. This role is responsible for securing and maintaining compliance across multi-cloud environments (AWS, Azure, and GCP) in accordance with FedRAMP, FISMA, and client-specific security requirements.

The ideal candidate has hands-on experience in cloud security operations, vulnerability management, and continuous monitoring within regulated environments, and can operate independently while effectively engaging with technical and non-technical stakeholders.

• Maintain and enforce security baselines across AWS, Azure, and GCP cloud environments in alignment with federal compliance requirements.
• Perform daily review and analysis of vulnerability scans, compliance dashboards, and security monitoring tools to ensure adherence to established standards.
• Generate recurring security and compliance reports based on vulnerability, configuration, and monitoring data.
• Monitor, analyze, and respond to alerts from enterprise security tools, including SIEM, endpoint protection, container security, and vulnerability management platforms.
• Support and operate in accordance with security authorization documentation and compliance frameworks, including:
  • System Security Plans (SSPs)
  • Contingency Plans (CPs)
  • Incident Response Plans (IRPs)
  • Plans of Action & Milestones (POA&Ms)
  • Configuration Management Plans (CMPs)
  • Remediation Plans
• Develop, update, and maintain POA&Ms and coordinate remediation efforts with Security Engineers, DevOps teams, system owners, and client stakeholders.
• Maintain accurate hardware, software, and cloud asset inventories for supported systems.
• Support contingency plan and incident response testing, documentation, and training activities.
• Conduct risk analyses and security impact assessments in support of Significant Change Requests (SCRs) and system modifications.
• Review, analyze, and document findings from vulnerability scans and compliance assessments.
• Provide Continuous Monitoring (ConMon) support to enforce client security policies and procedures.
• Participate in Change Control Board (CCB) activities, including review of proposed changes for security impact.
• Communicate effectively through ticketing systems, written reports, and client meetings.
• Contribute to the development and refinement of internal processes supporting Continuous Monitoring, reporting, and configuration management activities.

Qualifications

• Demonstrated experience securing and supporting AWS, Azure, and/or GCP cloud environments.
• Strong background in systems administration and vulnerability management within cloud-based systems.
• Hands-on experience configuring, administering, or analyzing one or more of the following tools/technologies:
  • Palo Alto Networks Firewalls
  • Splunk Enterprise
  • Tenable Security Center / Nessus
  • Trend Micro Deep Security
  • Anchore
  • Twistlock
  • Terraform
  • CloudFormation
  • Ansible
• Ability to actively and effectively communicate, collaborate, and solve complex customer problems.
• Ability to think strategically and act proactively in regulated, compliance-driven environments.
• Ability to work independently with minimal direction or supervision.

Requirements

• Must be a US Citizen with the ability to obtain a Public Trust or DoD Secret clearance.

Location

• US, remote

Compensation

Compensation is unique to each candidate and relative to the skills and experience they bring to the position. The salary range for this position is typically between $75,000 - $95,000. This does not guarantee a specific salary as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above-stated range.

Benefits

• Health/Dental/Vision
• 401(k) match
• Paid Time Off
• STD/LTD/Life Insurance
• Referral Bonuses
• Professional development reimbursement
• Parental leave