Cloud Security / LaceWork engineer

Role: Cloud Security/LaceWork engineer - 3 resources Location - Remote Duration - 6 months + • Build incident response playbooks for our Security Operations Center Team (SOC) for all critical and high cloud alerts • Configure and Tune alerting on Lacework and GuardDuty • Point CloudTrail logs to specific Splunk indexes (per op-co) • Provide appropriate investigation resources for SOC including: • Splunk Dashboards • Access / Training on Cloud • Provide IAM audit functions for AWS environments • Work with AWS account owners to migrate from disparate SAML sources to centralized AWS SSO through Azure AD • Create a process document for discovering, responding and documenting rogue AWS accounts • Assist Security team in Incident Response Activities. • Program management knowledge

Created: 2024-11-04