Job Title:  Staff CyberSecurity Analyst

What You Need To Know

Shape a remarkable future with us. Build a career working for an industry leader that truly invests in their people – and equips them with leading technology, continuous learning, and the ability to bring their best selves to work. As the premier wine and spirits distributor, Southern Glazer’s isn't just one of Forbes’ Top Private Companies; it's a family-owned business with deep roots dating back to 1933.

The reputation of Southern Glazer’s is well-established, and it's no surprise that we are regularly recognized for our culture. Southern Glazer’s has been recognized by Newsweek as one of America’s Greatest Workplaces for Inclusion and Diversity, as well as for Women and Parents and Families. These accolades speak volumes about our commitment to creating a supportive and inclusive culture of belonging for all employees.

As a full-time employee, you can choose from a wide-ranging menu of our Top Shelf Benefits, including comprehensive medical and prescription drug coverage, dental and vision plans, tax-saving Flexible Spending Accounts, disability coverage, life insurance plans, and a 401(k) plan. We also offer tuition assistance, a wellness program, parental leave, vacation accrual, paid sick leave, and more.

By joining Southern Glazer’s, you would be part of a team that values excellence, innovation, and community. This is more than just a job – it's an opportunity to build the future of beverage distribution and grow with a company that truly cares about its people.

Overview

The Staff Cybersecurity Analyst, Cloud Security plays a pivotal role in safeguarding the organization's cloud assets by leveraging advanced security tools and methodologies. This position involves conducting comprehensive cloud service and infrastructure assessments to identify and address policy deviations and investigating sophisticated security events to mitigate threats. The Staff Cybersecurity Analyst, Cloud Security is responsible for developing and implementing robust security integrations, managing complex operations, and maintaining system security. This role leads cloud incident response efforts, performs in-depth cloud vulnerability assessments, and conducts thorough risk assessments. Additionally, the Staff Cybersecurity Analyst, Cloud Security communicates cybersecurity improvements and provides strategic recommendations for informed risk management decisions. This position requires applying advanced concepts and practices to complete high-complexity assignments, coordinating work on multiple or cross-functional initiatives, and providing direct and indirect leadership within the team. The Staff Cybersecurity Analyst, Cloud Security ensures SGWS’s cloud security posture remains robust and effective through proactive measures and strategic oversight.

Primary Responsibilities

• Lead service, system, and infrastructure assessments of major cloud environments to identify deviations from acceptable configurations, or policies.
• Work with internal and external teams to develop cloud-specific security policies, procedures, standards, guardrails and design security controls for IaaS, PaaS, and SaaS.
• Work with developers to respond to escalated problems from System Administrators or other Engineers.
• Maintain comprehensive documentation, understand and practice operating procedures, playbooks and other cloud security-related activities.
• Monitor, track, and mentor on cloud projects, programs, tools, systems, applications and networks for security issues.
• Regularly review Cloud Security Posture Management (CSPM) and Endpoint Protection findings to identify and address infrastructure configuration issues and security vulnerabilities proactively.
• Utilize CSPM solution to monitor and manage the configuration of infrastructure-as-code (IaC) frameworks, ensuring strict adherence to established security standards and policies.
• Collaborate with cross-functional teams to integrate security into the CI/CD pipelines and ensure continuous security throughout the software development lifecycle.
• Implement, manage, and maintain a Web Application Firewall (WAF) to protect web applications and APIs from a variety of online threats.
• Lead security assessments, evaluations and audits to determine compliance with published standards.
• Collaborate with external teams to promptly address and resolve cybersecurity incidents, ensuring effective communication and coordinated response efforts.
• Hypothesize & validate new threats and indicators of compromise.
• Identify cyber threats by monitoring security systems, triaging alerts, and reviewing logs.
• Research, analyze, and document the applicability and feasibility of Cyber technology to enhance SGWS security.
• Ensure all operations are in accordance with operating procedures and report any issues to management.
• Provide guidance on security options and decisions for concerns and violations.
• Develop and support report generation for diverse stakeholders in Excel or other tools.
• Participate in Information Security projects and support team efforts for day-to-day operations.
• Provide technical support for routine security services.
• Perform capacity and future growth planning of the enterprise security infrastructure to ensure a highly available security environment.
• Administer cybersecurity technologies and ensure monitoring systems operate normally, escalating issues to management as needed.
• Troubleshoot and evaluate risk management processes; assess and mitigate risks.
• Apply laws, regulations, policies and ethics in daily practice.
• Occasionally participate in after-hours in the event of emergencies or critical situations.
• Employ strong creative, critical thinking and in-depth hands-on cloud experience to effectively identify, mitigate, and respond to security risks within complex, real-world cloud environments.
• Maintain awareness of emerging cloud threats to proactively defend against evolving attack vectors and ensure a resilient security posture in dynamic cloud environments.
• Advanced knowledge of all cloud security pillars, including Identity and Access Management (IAM), Data Encryption and Protection, Network Security (firewalls), Infrastructure/Workload Protection (virtual machines, containers, and serverless functions), and Incident Response and Recovery.

Minimum Qualifications

• Bachelor’s degree in related field (e.g., Cybersecurity, Computer Science, Computer Engineering, Information Technology, System Analysis, Business, etc.) or equivalent combination of education and work experience.
• 8+ years of experience in IT/network security/cybersecurity with cloud focus.
• Extensive experience in information risk concepts and principles, as a means of relating business needs to security controls.
• Proficiency in advanced cloud security tools, technologies (e.g. CSPM, WAF) and best practices.
• Expertise in network security protocols and practices.
• Strong understanding of cloud security controls, conceptual models, and frameworks to monitor security posture and enhance security features.
• Solid knowledge of current and emerging technologies.
• Proficiency with security frameworks (e.g., NIST, ISO, etc.).
• Experience in DevOps and Agile technology environments.
• Proven experience in working with multiple, diverse technologies and processing environments.
• Native-level proficiency/fluent in English.

Preferred Qualifications

• Advanced Information Security Certifications, e.g., CISSP, etc.
• Advanced Cloud Certifications and/or specialties, e.g., AWS Security Specialty, AWS Certified Solutions Architect, etc.
• Extensive experience in the development and implementation of cloud security strategies, policies, and procedures.
• Demonstrated problem-solving skills to anticipate, identify, and define problems and root causes.
• Proven ability to manage several projects simultaneously, while balancing multiple stakeholder priorities.
• Ability to educate various personnel regarding information security compliance, policies, and standards.
• Knowledge of containerization technologies, such as Docker and Kubernetes, and how to secure applications within those environments.
• Ability to monitor and report status on security matters to develop security risk analysis scenarios and response procedures.
• Experience with security information and event management (SIEM) systems.
• Knowledge and application of advanced threat detection and mitigation techniques.
• Experience with diagramming tools (e.g. Visio, Miro, draw.io).
• Experience with automation scripting (e.g. Python, PowerShell, Bash)
• Experience with SaaS Security Posture Management (SSPM) platforms.

Physical Demands

• Physical demands include a considerable amount of time sitting and typing/keyboarding, using a computer (e.g., keyboard, mouse, and monitor), or adding machine
• Physical demands with activity or condition may include walking, bending, reaching, standing, squatting, and stooping
• May require occasional lifting/lowering, pushing, carrying, or pulling up to 20lbs

EEO Statement

Southern Glazer's Wine and Spirits, an Affirmative Action/EEO employer, prohibits discrimination and harassment of any type and provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. SGWS complies with all federal, state and local laws concerning consideration of a qualified applicant's arrest and/or criminal conviction records. Southern Glazer's Wine and Spirits provides competitive compensation based on estimated performance level consistent with the past relevant experience, knowledge, skills, abilities and education of employees. Unless otherwise expressly stated, any pay ranges posted here are estimates from outside of Southern Glazer's Wine and Spirits and do not reflect Southern Glazer's pay bands or ranges.

If you have any questions or concerns about whether this posting complies/adheres with local pay transparency requirements, please contact the SGWS talent acquisition team at NationalTA@sgws.com