Sr. GCS Cloud Security Analyst

Job Description

The Senior Cloud Security Analyst is responsible for daily management of security posture pertaining to our digital environment operations as well as support of identity access management (IAM) for the Holland America, Seabourn, and Holland America Princess (Brands). This role requires assisting the GCS IAM team with bringing the Brands into and maintaining compliance in accordance with GCS policies and directives. All responsibilities transverse shoreside and shipboard across the fleets. This role requires experience in evaluation of cloud environment security posture, security directives and project creation, as well as risk mitigation to achieve and maintain desired business outcomes. This position requires working with brand stakeholders in pursuit of security and compliance solutions across the Brands

Essential Functions

• Management, evaluation, maintenance, and enhancement of the cloud security posture.

• Operation of identity and access processes and controls for SailPoint, Active Directory, Email, and Collaboration Platforms and cloud-based solution

• Continuous improvement of the brand vulnerability management people, process, and technology analysing cloud environment reporting, prioritizing, and working with brand IT to make Cloud Security Management data actionable and understandable.

• Evaluation and providing directives and guidance regarding our SIEM integrations, identifying potential blind spots, and assisting with configuration validations. Augment and assist GISCS Security Operations, monitoring and triaging brand security events (Security Operations)

• Creates visual information in the form of dashboard(s) and reports for executives and business stakeholders on a regular basis that communicates Cybersecurity risks and KRIs. Provides regular information briefs to Senior Leadership.

• Helping to continuously improve the brands cybersecurity Key Risk Indicators (KRI) and reporting.

• Assisting with security architecture reviews for new and proposed integrated solutions.

• Evaluating and assisting with managing shoreside and shipboard access management and cloud processes and solutions.

• Providing consultation and training to brand IT team members on new configurations and solutions.

• Assisting the Cybersecurity PMO to build and prioritize backlog.

• Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner. Ability to work well with highly technical infrastructure teams

Qualifications

• Education: bachelor’s degree in computer science, or other technical degree or equivalent experience

• Required Certifications: industry recognized technical certification desired (CompTIA Cloud+, AWS Certified Security Speciality, Microsoft Azure Security Engineer Associate)

• Years & or Area of Professional experience: Minimum 5+ years of relevant industry experience with access management and cloud security.

• Preferred Experience & Type: Hands-on experience with Orca Security

• Critical Professional related Technical Skills, Computer Skills:

• Hands-on experience with Azure administration

• Hands-on experience with Orca Security

• Hands-on experience with AWS security administration

• Hands-on experience with PowerShell scripting

• Hands-on experience with SailPoint IAM solution

• Hands-on experience with Active Directory

• Hands-on experience with Windows workstations and server operating systems

• Hands-on experience with managing security for AWS cloud environment tenants

• Proven track record of taking ownership of strategic initiatives and driving results in complex environments

• Proven success in contributing to a team-oriented environment

• Proven ability to work creatively and analytically in a problem-solving environment

Knowledge, Skills & Abilities

• Ability to work in a fast-paced setting

• Excellent oral and written communication skills

• Ability to administer and interpret information security policies

• Strong organizational and analytical skills Ability to multi-task and handle changing priorities

Decision-Making

• Tactical: Decisions focus on intermediate-term issues. The purpose of decisions made at this level are to help move the brands closer to reaching strategic goals. Outcomes are predictable. After a decision is made by Top Executive Leadership, the next phase is to take the needed steps to implement it. Examples are: The amount of money required to implement, which advertising agency to promote a new service or to provide an incentive plan to employees to encourage increased revenue.

Physical Demands: Must be able to remain in a stationary position at a desk and/or computer for extended periods of time. Requires regular movement throughout CCL facilities.

Travel: Less than 25% with shipboard travel likely

Work Conditions: Work primarily in a climate-controlled environment with minimal safety/health hazard potential. May be requested to work a different shi