IT Cloud Security Analyst

Other Jobs To Apply

No other job posts for this day.

Futrend Technology Inc. is seeking an IT Cloud Security Analyst to join our security compliance team. In this role, you will work closely with the customer's Information Systems Security Officer (ISSO) and play a critical part in safeguarding NLM’s IT infrastructure. The role focuses on implementing security controls, ensuring compliance with federal cybersecurity framework and support secure cloud adoption across multiple platforms. The analyst works closely with end point owners, infrastructure and network security teams, and with enterprise security teams to meet NIH mandates.
You will be part of a broader IT program that provides end-to-end support—including help desk, systems, network, incident response and security services—ensuring the availability, integrity, and confidentiality of mission-critical systems.
This position is based in Bethesda, MD and requires onsite presence 3 to 5 days/week.
Responsibilities
  • Implement security controls, and ensure compliant cloud environments on AWS, GCP, or Azure adhering to FISMA, NIH policy, and federal security requirements
  • Recommend, design and support Cloud security services and control implementation including Identity Access, Privileged access, Vulnerability management, Configuration compliance, encryption, and centralized security log management
  • Monitor cloud environments for security events, anomalies, and configuration drift using SIEM (e.g., Splunk), conduct vulnerabilities assessments, track remediation and maintain dashboards with measurable metrics to report overall security posture
  • Integrate and optimize enterprise security solutions such as Splunk, Tenable and other data sources to enhance continuous monitoring, event correlation, and compliance visibility across NLM’s hybrid environment
  • Investigate and respond to security incidents and alerts, perform root-cause analysis and proper remediation actions and reporting per NIH’s established incident response plan
  • Conduct threat modeling and security assessments of cloud deployments to identify and mitigate vulnerabilities, develop security requirements and provide guidance for applications migrating from on-prem implementations to the cloud environment
  • Enhance and automate security and compliance checks using a combination of available tools and scripting; evaluate emerging platforms (like AI-based capabilities) to improve coverage, visibility, and operational efficiency
  • Provide security guidance, best practices, and compliance support to developers, operations teams, system owners and other stakeholders, promoting security awareness

Required Qualifications
  • Proven experience securing cloud environments (AWS, GCP or AZURE), preferably within FISMA compliance frameworks
  • Strong working knowledge of AWS, GCP or Azure cloud security, including logging, tagging strategies, ephemeral resource tracking, and cross-platform operations
  • In-depth knowledge and demonstrated experience of applying federal compliance frameworks including FISMA, NIST 800-53, FedRAMP, RMF, NIH policy and supporting system authorization processes (ATO, POA&M) and policies to information systems
  • Hands-on work experience with automation, security event correlation, asset inventory tracking and SEIM management (preferably in SPLUNK), utilizing scripting or programming such as PowerShell, Bash, Python or equivalent and use of APIs
  • Bachelor’s degree in computer science, Cybersecurity, Information Technology, or a related field (or equivalent practical experience in Cloud security)
  • 5+ years of experience in information security, with at least 3 years focused on cloud security, administration of Linux and Windows endpoints, strong understanding of network and firewall operations
  • Strong written and verbal communication skills, with the ability to produce clear security documentation and effectively communicate technical concepts to technical and non-technical stakeholders
  • Experience working in regulated federal environments with complex governance and compliance requirements; collaborating and guiding multi-disciplinary teams managing servers, workstations, network appliances, security appliances
  • Certifications: CISSP (or ability to obtain within 6 months)
Desired Qualifications
  • AWS/GCP/Azure Certified - Specialty certifications
  • Advanced Linux and Windows administration experience
  • Experience with container security (like Docker & Kubernetes)
Back to blog

Common Interview Questions And Answers

1. HOW DO YOU PLAN YOUR DAY?

This is what this question poses: When do you focus and start working seriously? What are the hours you work optimally? Are you a night owl? A morning bird? Remote teams can be made up of people working on different shifts and around the world, so you won't necessarily be stuck in the 9-5 schedule if it's not for you...

2. HOW DO YOU USE THE DIFFERENT COMMUNICATION TOOLS IN DIFFERENT SITUATIONS?

When you're working on a remote team, there's no way to chat in the hallway between meetings or catch up on the latest project during an office carpool. Therefore, virtual communication will be absolutely essential to get your work done...

3. WHAT IS "WORKING REMOTE" REALLY FOR YOU?

Many people want to work remotely because of the flexibility it allows. You can work anywhere and at any time of the day...

4. WHAT DO YOU NEED IN YOUR PHYSICAL WORKSPACE TO SUCCEED IN YOUR WORK?

With this question, companies are looking to see what equipment they may need to provide you with and to verify how aware you are of what remote working could mean for you physically and logistically...

5. HOW DO YOU PROCESS INFORMATION?

Several years ago, I was working in a team to plan a big event. My supervisor made us all work as a team before the big day. One of our activities has been to find out how each of us processes information...

6. HOW DO YOU MANAGE THE CALENDAR AND THE PROGRAM? WHICH APPLICATIONS / SYSTEM DO YOU USE?

Or you may receive even more specific questions, such as: What's on your calendar? Do you plan blocks of time to do certain types of work? Do you have an open calendar that everyone can see?...

7. HOW DO YOU ORGANIZE FILES, LINKS, AND TABS ON YOUR COMPUTER?

Just like your schedule, how you track files and other information is very important. After all, everything is digital!...

8. HOW TO PRIORITIZE WORK?

The day I watched Marie Forleo's film separating the important from the urgent, my life changed. Not all remote jobs start fast, but most of them are...

9. HOW DO YOU PREPARE FOR A MEETING AND PREPARE A MEETING? WHAT DO YOU SEE HAPPENING DURING THE MEETING?

Just as communication is essential when working remotely, so is organization. Because you won't have those opportunities in the elevator or a casual conversation in the lunchroom, you should take advantage of the little time you have in a video or phone conference...

10. HOW DO YOU USE TECHNOLOGY ON A DAILY BASIS, IN YOUR WORK AND FOR YOUR PLEASURE?

This is a great question because it shows your comfort level with technology, which is very important for a remote worker because you will be working with technology over time...