TC-CS-CDR-Cloud Security Specialist-Senior

At EY, we’re all in to shape your future with confidence.

We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go.

Join EY and help to build a better working world.

Job Title: Senior Cloud Security Specialist

Role Overview:

The Senior Cloud Security Specialist will serve as a technical leader in cloud security operations, responsible for designing and implementing advanced threat detection and mitigation strategies across multi-cloud environments. This role demands deep expertise in cloud-native and CNAPP technologies, incident response, and forensic investigation. The SME will collaborate with Security Engineering & Architecture, CSOC, and governance teams to ensure a resilient and compliant cloud security posture.

Key Responsibilities:

• Threat Detection & Investigation
• Deploy and optimize cloud-native and third-party threat detection platforms (e.g., AWS GuardDuty, Azure Defender, GCP SCC).
• Investigate alerts using telemetry, behavioral analytics, and AI/ML-based anomaly detection.
• Align detection logic with MITRE ATT&CK, NIST SP 800-53, and CSA CCM frameworks
• Rule Creation & CNAPP Integration
• Author and tune detection rules leveraging CNAPP platforms (e.g., Wiz, Prisma Cloud, Orca).
• Integrate CNAPP telemetry into SIEM/SOAR workflows for automated response
• Mitigation Strategy Development
• Design and implement dynamic playbooks for threat containment and remediation.
• Collaborate with DevOps and product teams to embed security controls into CI/CD pipelines.
• Incident Response & Forensics
• Lead incident triage and root cause analysis across cloud environments.
• Conduct forensic investigations using cloud-native tools and third-party platforms.
• Document findings and contribute to post-incident reviews and continuous improvement
• Security Architecture & Governance
• Provide guidance on secure cloud architecture, access controls, and data protection.
• Ensure compliance with ISO 27001, HIPAA, GDPR, and internal governance policies
  
  

Required Skills & Abilities:

• Deep expertise in AWS, Azure, GCP, and OCI cloud security services.
• Hands-on experience with CNAPP platforms (e.g., Wiz, Prisma Cloud, Orca).
• Proficiency in threat detection rule creation, tuning and alert response leveraging tools such as CrowdStrike, Wiz Defend, AWS GuardDuty, etc.
• Respond to Kubernetes and Cloud Container threat alerts (e.g., unusual API invocations) and tune detection rules accordingly
• Strong knowledge of SIEM/SOAR platforms (e.g., Splunk, Sentinel, Elastic, Tines).
• Experience in cloud forensics and incident response workflows.
• Familiarity with infrastructure-as-code (IaC) tools (Terraform, CloudFormation).
• Strong analytical, investigative, and documentation skills.
• Excellent communication and leadership abilities.
  
  

Preferred Qualifications:

• 8+ years in cybersecurity, with 3+ years focused on cloud security.
• Certifications: CISSP, CCSP, AWS Security Specialty, Azure Security Engineer, GCIH, GCIA.
• Experience in a 24x7 SOC or threat management environment.
• Proven track record of mentoring and leading technical teams.
  
  

EY | Building a better working world

EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets.

Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow.

EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.