Emory University is a leading research university that fosters excellence and attracts world-class talent to innovate today and prepare leaders for the future. We welcome candidates who can contribute to the diversity and excellence of our academic community.

KEY RESPONSIBILITIES:

• The Cloud Security Architecture Analyst, within Emory's Enterprise Information Security team, will be primarily responsible for working with the Enterprise Security and other Emory IT teams to identify, evaluate, and implement security controls for cloud services.
• This will mainly include Amazon Web Services but will also encompass additional cloud provider related activities as Emory's cloud base grows.
• This position will support the migration and support of on-premise solutions to the cloud, and continual adoption of secure cloud services, for Emory University and Emory Healthcare.
• Responsible for performing security risk assessments for cloud computing solutions, including risk identification, analysis, and evaluation, identifying remediation and/or mitigation requirements and recommendations, and handing off the associated risks to the enterprise risk register management process.
• Seeks and applies guidance and direction for internal and external customers based on policies, published guidelines, best practices, and industry recommendations.
• Supports team by performing research and analysis of vulnerabilities and related consultation to internal and external customers about those vulnerabilities.
• Helps to ensure that information security safeguards and controls are properly communicated and adhered to.
• Assessments include various cloud platform providers, and the applications, processes, vendors, and technologies used by departments, divisions, or the enterprise in one or more of those cloud platform providers.
• In addition to conducting risk assessments, this position contributes to the identification of improvements for multiple areas, to include the risk management process and tool improvements.
• Works closely with teams across cloud engineering, enterprise information security, IT, privacy, compliance, legal, procurement, research, and numerous business units to help protect assets for the institution.
• Applies background knowledge in IT, cloud architecture and security, and/or security vendor risk assessments and continually conducts research into new technologies and vulnerabilities across the industry.
• Contributes to development of risk analysis tools and provides functional guidance and direction to internal and external customer teams in overall security risk assessments of projects.
• Assists with the interpretation of information security policies and requirements or their applicability.
• Performs risk assessments of client vendors through risk assessment toolkit against various frameworks (HIPAA, HITRUST, SOC, NIST, etc.), collecting data and identifying areas of compliance/non-compliance through written assessment reports.
• Assesses risk for various components of a particular solution's architecture, such as: cloud services, cloud controls, network, operating system, database, storage, application vulnerability assessments, cloud security configuration settings, virus prevention and remediation, encryption, network segmentation, remote access, and authentication.
• As a member of the Enterprise Security team, the position will also be tasked with other information security related tasks and projects as necessary.
• This position may be called upon to assist with information security activities with university or healthcare units across the enterprise.
• Performs other related duties as required.
• Level: An experienced cybersecurity professional applies practical knowledge of job area typically obtained through advanced education and work experience.
• Works semi-independently with periodic management check-ins, in close collaboration with analyst's own team.
• Requires communication with IT leadership.
• Career progression to this point includes experience with cloud platform solutions.

MINIMUM QUALIFICATIONS:

• A bachelor's degree and three years of related IT experience including demonstrated experience in relevant information security domains, project management skills, OR an equivalent combination of education, training and experience.
• Excellent project management and team participation skills.
• Good written and verbal communication skills.
• A solid background in cloud computing platforms and cloud security concepts, development, deployment, and administration.
• Strongly preferred qualifications include knowledge of information security technologies, methodologies, and best practices in the domains of cloud security architecture, vulnerability identification and safeguards, data protection, cloud business continuity, and other relevant cloud security concepts, practices, and experiences.
• Security certifications are a plus (e.g. AWS, GCP, Azure, CISSP, GIAC Cloud, etc.).

NOTE: Tasks related to this position can be performed remotely with only occasional visits to an Emory University location.  Eastern (EST) time zone business hours may apply.  Emory reserves the right to change this status with notice to employee.  Emory does not approve as a primary work location in the following states; NJ, AK, and HI, any U.S. Territories or outside of the United States.

Emory is an equal opportunity employer, and qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status or other characteristics protected by state or federal law. Emory University does not discriminate in admissions, educational programs, or employment, including recruitment, hiring, promotions, transfers, discipline, terminations, wage and salary administration, benefits, and training. Students, faculty, and staff are assured of participation in university programs and in the use of facilities without such discrimination. Emory University complies with Section 503 of the Rehabilitation Act of 1973, the Vietnam Era Veteran's Readjustment Assistance Act, and applicable executive orders, federal and state regulations regarding nondiscrimination, equal opportunity, and affirmative action (for protected veterans and individuals with disabilities). Inquiries regarding this policy should be directed to the Emory University Department of Equity and Civil Rights Compliance, 201 Dowman Drive, Administration Building, Atlanta, GA 30322. Telephone: 404-727-9867 (V) | 404-712-2049 (TDD).

Emory University is committed to ensuring equal access and providing reasonable accommodations to qualified individuals with disabilities upon request. To request this document in an alternate format or to seek a reasonable accommodation, please contact the Department of Accessibility Services at accessibility@emory.edu or call 404-727-9877 (Voice) | 404-712-2049 (TDD). We kindly ask that requests be made at least seven business days in advance to allow adequate time for coordination.