Southern Glazer's Wine and Spirits
Principal Cloud Security Analyst
Southern Glazer's Wine and Spirits, Dallas, Texas, United States, 75215
What You Need To Know
Open the door to a groundbreaking tech career with an industry leader. Southern Glazer’s Wine & Spirits is North America’s preeminent wine and spirits distributor, as well as a family-owned, privately held company with a 50+ year legacy of success. To create a new era in alcohol beverage sales and service, we’re heavily invested in the most transformative new technologies – and the most brilliant tech professionals. Southern Glazer’s was named by Newsweek as a Most Loved Workplace and is included on the Forbes lists for Largest Private Companies and Best Employers for Diversity.
As a full-time employee, you can choose from a full menu of our Top Shelf Benefits, including comprehensive medical and prescription drug coverage, dental and vision plans, tax-saving Flexible Spending Accounts, disability coverage, life insurance plans, and a 401(k) plan. We also offer tuition reimbursement, a wellness program, parental leave, vacation accrual, paid sick leave, and more.
We offer continuous learning and career growth in a fast-paced environment where you are respected, your voice is heard, and technology is part of our strategy for success. If you’re looking to fill your glass with opportunity, come join our FAMILY.
Overview
The Principal Cloud Security Analyst role is responsible for ensuring the security and improvement of the cloud infrastructure, applications, and data. This role will continuously monitor changes to existing cloud infrastructure to ensure the confidentiality, integrity, and availability of cloud resources while identifying vulnerabilities and mitigating risk. This role will work closely with cross-functional teams to embed security into cloud projects and address security challenges.
Specialized Skills and Technologies
Solid knowledge of current and emerging technologies
Proficient in monitoring tools, access control and threat detection
Willingness to mentor, train, and share knowledge with peers
Excellent teaching and problem solving
Hands on management of a WAF in an enterprise environment
Deep understanding of security frameworks such as NIST, ISO 27001, etc.
An understanding of practices integrating security into the continuous integration and continuous deployment (CI/CD) pipeline.
Knowledge of containerization technologies, such as Dockers and/or Kubernetes, and how to secure applications within those environments
Able to perform incident response within cloud platforms
Ability and desire to lead combined with the flexibility to share the duties of the technical team
Primary Responsibilities
Conducts assessments of all major cloud environments to identify vulnerabilities and security risks
Makes recommendations on where improvements can be made to continue strengthening our security posture
Works with outside teams to develop cloud-specific security policies, procedures, and standards
Responsible for monitoring and responding to security events related to cloud environments
Implement a lessons-learned process for continuous improvement related to cloud-related incidents
Works with outside teams to assess third-party cloud service providers to ensure alignment with our security standards
Collaborates with cross-functional teams to integrate security into the CI/CD pipeline and ensure continuous security throughout the software development lifecycle
Utilize a Cloud Security Posture Management (CSPM) solution to monitor and manage the configuration of infrastructure-as-code (IaC) frameworks, ensuring strict adherence to established security standards and policies
Regularly review CSPM findings to identify and address security vulnerabilities proactively
Produces and maintains documentation of all cloud-related security controls
Analyzes activities and documented resolutions
Identifies problem areas, devise, and deliver solutions to enhance quality of service and prevent future issues
Defines key operational metrics, develops reporting, and set targets to continuously improve
Participates in Information Security projects and supports team efforts for day-to-day operations
Remains current on cloud-security trends while integrating best practices into our security strategy
Aggressively automates repeated tasks to allow the team to scale with the organization’s growth
Communicates and acts as liaison with a variety of teams
Serves as a subject matter expert inside of SGWS and assists with complex issues pertaining to cloud security as needed
Occasional after-hours participation may be required in the event of emergencies or critical situations
Preferred Qualifications
Master’s Degree
Active CSSP or other relevant security-related certification
Minimum Qualifications
Bachelor’s Degree
10 or more years of work experience in IT
7 or more years of hands-on experience in developing and maintaining cloud environments
Relevant industry experience with a technical background
Adaptability and ability to manage change
In-depth understanding and extensive hands-on management of major cloud platforms such as Microsoft Azure, Amazon AWS, and Google Cloud Platform
Ability to assess security risks associated with cloud environments
Ability to analyze complex security issues, troubleshoot, and develop solutions
Superior interpersonal, communication and presentation skills
Ability to monitor project progress by tracking activities, issues/risks/dependencies, and provides recommendation for resolution
Familiar with serverless computing models and understanding of security considerations specific to serverless architectures
Business Acumen
Critical, creative, and strategic thinker
Problem Solver
Excellent presentation and facilitation skills
Excellent customer service skills in all interactions with internal and external customers, including but not limited to partners from other divisions, vendors, and suppliers across all areas of the business
Strong planning and organizational skills to work in a fast-paced environment and manage multiple priorities
Agile Delivery Values
Openness – Team and stakeholders agree to be open about all work and challenges
Commitment – Personally commit to achieving the goals of the team
Respect – Respect your team members to be capable and independent
Courage – You have courage to do the right thing and work on tough problems
Focus – Everyone focus on the work in the sprint and the goal of the scrum team. Rise and fall as a team
Physical Demands
Physical demands include a considerable amount of time sitting and typing/keyboarding, using a computer (e.g., keyboard, mouse, and monitor), or mobile device
Physical demands with activity or condition may occasionally include walking, bending, reaching, standing, squatting, and stooping
May require occasional lifting/lowering, pushing, carrying, or pulling up to 20lbs
EEO Statement
Southern Glazer's Wine and Spirits, an Affirmative Action/EEO employer, prohibits discrimination and harassment of any type and provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. SGWS complies with all federal, state and local laws concerning consideration of a qualified applicant's arrest and/or criminal conviction records. Southern Glazer's Wine and Spirits provides competitive compensation based on estimated performance level consistent with the past relevant experience, knowledge, skills, abilities and education of employees. Unless otherwise expressly stated, any pay ranges posted here are estimates from outside of Southern Glazer's Wine and Spirits and do not reflect Southern Glazer's pay bands or ranges.
Southern Glazer's Wine and Spirits provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Open the door to a groundbreaking tech career with an industry leader. Southern Glazer’s Wine & Spirits is North America’s preeminent wine and spirits distributor, as well as a family-owned, privately held company with a 50+ year legacy of success. To create a new era in alcohol beverage sales and service, we’re heavily invested in the most transformative new technologies – and the most brilliant tech professionals. Southern Glazer’s was named by Newsweek as a Most Loved Workplace and is included on the Forbes lists for Largest Private Companies and Best Employers for Diversity.
As a full-time employee, you can choose from a full menu of our Top Shelf Benefits, including comprehensive medical and prescription drug coverage, dental and vision plans, tax-saving Flexible Spending Accounts, disability coverage, life insurance plans, and a 401(k) plan. We also offer tuition reimbursement, a wellness program, parental leave, vacation accrual, paid sick leave, and more.
We offer continuous learning and career growth in a fast-paced environment where you are respected, your voice is heard, and technology is part of our strategy for success. If you’re looking to fill your glass with opportunity, come join our FAMILY.
Overview
The Principal Cloud Security Analyst role is responsible for ensuring the security and improvement of the cloud infrastructure, applications, and data. This role will continuously monitor changes to existing cloud infrastructure to ensure the confidentiality, integrity, and availability of cloud resources while identifying vulnerabilities and mitigating risk. This role will work closely with cross-functional teams to embed security into cloud projects and address security challenges.
Specialized Skills and Technologies
Solid knowledge of current and emerging technologies
Proficient in monitoring tools, access control and threat detection
Willingness to mentor, train, and share knowledge with peers
Excellent teaching and problem solving
Hands on management of a WAF in an enterprise environment
Deep understanding of security frameworks such as NIST, ISO 27001, etc.
An understanding of practices integrating security into the continuous integration and continuous deployment (CI/CD) pipeline.
Knowledge of containerization technologies, such as Dockers and/or Kubernetes, and how to secure applications within those environments
Able to perform incident response within cloud platforms
Ability and desire to lead combined with the flexibility to share the duties of the technical team
Primary Responsibilities
Conducts assessments of all major cloud environments to identify vulnerabilities and security risks
Makes recommendations on where improvements can be made to continue strengthening our security posture
Works with outside teams to develop cloud-specific security policies, procedures, and standards
Responsible for monitoring and responding to security events related to cloud environments
Implement a lessons-learned process for continuous improvement related to cloud-related incidents
Works with outside teams to assess third-party cloud service providers to ensure alignment with our security standards
Collaborates with cross-functional teams to integrate security into the CI/CD pipeline and ensure continuous security throughout the software development lifecycle
Utilize a Cloud Security Posture Management (CSPM) solution to monitor and manage the configuration of infrastructure-as-code (IaC) frameworks, ensuring strict adherence to established security standards and policies
Regularly review CSPM findings to identify and address security vulnerabilities proactively
Produces and maintains documentation of all cloud-related security controls
Analyzes activities and documented resolutions
Identifies problem areas, devise, and deliver solutions to enhance quality of service and prevent future issues
Defines key operational metrics, develops reporting, and set targets to continuously improve
Participates in Information Security projects and supports team efforts for day-to-day operations
Remains current on cloud-security trends while integrating best practices into our security strategy
Aggressively automates repeated tasks to allow the team to scale with the organization’s growth
Communicates and acts as liaison with a variety of teams
Serves as a subject matter expert inside of SGWS and assists with complex issues pertaining to cloud security as needed
Occasional after-hours participation may be required in the event of emergencies or critical situations
Preferred Qualifications
Master’s Degree
Active CSSP or other relevant security-related certification
Minimum Qualifications
Bachelor’s Degree
10 or more years of work experience in IT
7 or more years of hands-on experience in developing and maintaining cloud environments
Relevant industry experience with a technical background
Adaptability and ability to manage change
In-depth understanding and extensive hands-on management of major cloud platforms such as Microsoft Azure, Amazon AWS, and Google Cloud Platform
Ability to assess security risks associated with cloud environments
Ability to analyze complex security issues, troubleshoot, and develop solutions
Superior interpersonal, communication and presentation skills
Ability to monitor project progress by tracking activities, issues/risks/dependencies, and provides recommendation for resolution
Familiar with serverless computing models and understanding of security considerations specific to serverless architectures
Business Acumen
Critical, creative, and strategic thinker
Problem Solver
Excellent presentation and facilitation skills
Excellent customer service skills in all interactions with internal and external customers, including but not limited to partners from other divisions, vendors, and suppliers across all areas of the business
Strong planning and organizational skills to work in a fast-paced environment and manage multiple priorities
Agile Delivery Values
Openness – Team and stakeholders agree to be open about all work and challenges
Commitment – Personally commit to achieving the goals of the team
Respect – Respect your team members to be capable and independent
Courage – You have courage to do the right thing and work on tough problems
Focus – Everyone focus on the work in the sprint and the goal of the scrum team. Rise and fall as a team
Physical Demands
Physical demands include a considerable amount of time sitting and typing/keyboarding, using a computer (e.g., keyboard, mouse, and monitor), or mobile device
Physical demands with activity or condition may occasionally include walking, bending, reaching, standing, squatting, and stooping
May require occasional lifting/lowering, pushing, carrying, or pulling up to 20lbs
EEO Statement
Southern Glazer's Wine and Spirits, an Affirmative Action/EEO employer, prohibits discrimination and harassment of any type and provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. SGWS complies with all federal, state and local laws concerning consideration of a qualified applicant's arrest and/or criminal conviction records. Southern Glazer's Wine and Spirits provides competitive compensation based on estimated performance level consistent with the past relevant experience, knowledge, skills, abilities and education of employees. Unless otherwise expressly stated, any pay ranges posted here are estimates from outside of Southern Glazer's Wine and Spirits and do not reflect Southern Glazer's pay bands or ranges.
Southern Glazer's Wine and Spirits provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.