Our story
At Alight, we believe a company’s success starts with its people. At our core, we Champion People, help our colleagues Grow with Purpose and true to our name we encourage colleagues to “Be Alight.”
Our Values:
Champion People – be empathetic and help create a place where everyone belongs.
Grow with purpose – Be inspired by our higher calling of improving lives.
Be Alight – act with integrity, be real and empower others.
It’s why we’re so driven to connect passion with purpose. Alight helps clients gain a benefits advantage while building a healthy and financially secure workforce by unifying the benefits ecosystem across health, wealth, wellbeing, absence management and navigation.
With a comprehensive total rewards package, continuing education and training, and tremendous potential with a growing global organization, Alight is the perfect place to put your passion to work.
Join our team if you Champion People, want to Grow with Purpose through acting with integrity and if you embody the meaning of Be Alight.
Learn more at .
As a Senior Cloud Security Analyst , you will play a critical role in ensuring the security and compliance of our cloud infrastructure. You’ll collaborate with cross-functional teams to design, implement, and maintain robust security measures across our cloud platforms. Your expertise will be instrumental in safeguarding our systems, data, and applications.
You will assist in the wider operational activities including but not limited to validating and addressing identified security risks, Data Security, SOC1/SOC2 Audits, Client Audits, security certifications, vulnerability testing and support management teams during security incident events. You should be confident and capable of explaining the risk and remediation positions for threats as part of the global security incident management process related to cloud security.
Duties & Responsibilities
Cloud Security Posture Management (CSPM):
Drive remediation of open security risks. Collaborate with the Information Security and compliance team to develop global cloud security architecture and maturity standards. Evaluate and respond to alerts and events from security tools, fine-tuning configurations to minimize false positives. Develop event response documentation and processes for the Security Operations Center. Work closely with Cloud Operations teams to define and implement security standards and best practices. Maintain documentation and diagrams for security tools, system environments, and cloud operations. Host Configuration Management:
Conduct regular scans of host configurations to identify configuration violations and ensure compliance with security policies and CIS Benchmarks. Develop and implement remediation plans for identified violations. Collaborate with IT and DevOps teams to ensure secure configurations are maintained. Cloud Workload Protection:
Perform vulnerability assessment on container images and containerized environments using industry standard tools. Identify, assess, assign, and report vulnerabilities throughout the container lifecycle. Work with development teams to ensure vulnerabilities are addressed in a timely manner. Implement security controls and best practices for container orchestration platforms. Combine security assessment tools with automation to proactively identify and remediate vulnerabilities. Collaborate with functional-area architects and security specialists to ensure adequate controls are in place. Incident Response Monitoring:
Monitor and analyze security logs and events. Respond promptly to security incidents, investigating and containing threats. Work within a DevOps security model to automate incident response. Serve as a subject matter expert (SME) for security tools and processes. Position Requirements:
Bachelor’s or Master’s degree in Computer Science, Engineering, Information Security, or similar boot camp certifications. Relevant certifications (e.g., AWS, CISSP, CCSP, CISM, GSEC) are highly desirable. Proven experience in cloud security, vulnerability management, and/or incident response. Strong knowledge of cloud platforms (e.g., AWS, Azure, Google Cloud-optional). Familiarity with security assessment tools (e.g. Host Configuration Management, Cloud Security Posture Management (CSPM), cloud native tools, Vulnerability scanners, etc). Experience with developing and managing software application(s), API's, or cloud infrastructure Familiarity with one to many programing languages and infrastructure as Code (IAC) Ability to collaborate effectively with cross-functional global teams. Alight requires all virtual interviews to be conducted on video. We offer you a competitive total rewards package, continuing education & training, and tremendous potential with a growing worldwide organization.