Ceridian

Location: Work is what you do, not where you go. This is a remote role.

About the opportunity:

This position performs all procedures necessary to ensure the security and resilience of Ceridian cloud environments. Leveraging your expertise in cloud security, you will be responsible for monitoring, analyzing, and responding to security incidents and vulnerabilities in the cloud infrastructure. 

This position will provide day-to-day cloud operations support, incident triaging and escalation. This position reports to the Manager Cybersecurity Operations. Provides support to a geographically distributed stakeholder.

What you’ll get to do:

• Continuously monitor cloud environments for security incidents, unauthorized access, and suspicious activities.
• Triage and investigate security events in cloud environments to identify and respond to potential threats.
• Actively participate in the Computer Security Incident Response Team (CSIRT), aiding in incident response activities and strengthening our defensive capabilities.
• Work collaboratively with relevant teams to remediate identified vulnerabilities.
• Implement and manage security controls to prevent, detect, and respond to threats in the cloud environment.
• Drive the creation, implementation, and fine-tuning of cloud use cases, as well as provide tuning recommendations for various security tools.
• Provide ongoing support capabilities and tuning of policies and rulesets as part of cloud monitoring to reduce false positives.
• Develop and maintain operating procedures and incident response plans for cloud alerts.
• Develop and implement security solutions to enhance the overall security posture of the cloud environment.
• Integrate threat intelligence feeds into cloud security monitoring tools to enhance the detection and response capabilities.

What’s in it for you:

• Encouragement to be the best version of yourself at and away from work:
• YOUnity diversity and inclusion programs
• Amazing time away from work programs 
• Support for your total well-being through our Live Well, Work Well programs targeting all aspects of your life
• Recognition for your contributions through excellent pay, perks, and rewards
• Giving where you’re living: volunteer days, Ceridian sponsored events, and our very own charity, Ceridian Cares
• Opportunities to fuel your career growth through numerous internal and external programs and events

Qualifications:

• Proven experience in cloud security operations, with a focus on major cloud providers such as Azure, and AWS.
• Direct 5+ years of experience in engineering, configuring, and managing WAF, Web proxy and SIEM solutions.
• Relevant certifications such as GSEC, ITIL, CompTIA Security+, Azure Security Engineer, or equivalent are preferred for this position.
• Experience utilizing a wide range of security tools, including Next Generation Firewall, SIEM, IDS/IPS, EDR, AV, MS Defender Suite, cloud security tools such as CASB, CSPM.
• Comprehensive experience of operating within a Security Operations Center as an L2 or L3 SOC analyst.
• Strong triage skills, enabling efficient prioritization and resolution of various security alert types and incidents.
• Possess a comprehensive understanding of the TCP/IP protocol and networking architecture.
• Bachelor’s degree in computer science or information technology plus 5+ years related experience.