Barton Malow Company

Cybersecurity Analyst (AWS Cloud Security)

Barton Malow Company$70K — $95K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in computer science, cybersecurity or related field, or equivalent work experience.
  • 2-3 years of experience in security operations, vulnerability management, security engineering, incident response, or offensive security.
  • Conceptual and technical knowledge of modern IT environments, including server architecture, cloud, and networking protocols.
  • Working knowledge of AWS security fundamentals and core services such as CloudTrail and GuardDuty.
  • Familiarity with cloud identity and access management concepts, including least-privilege design.

Responsibilities

  • Investigate and respond to security tickets generated by the Managed Detection and Response provider.
  • Engage in incident response and root cause analysis for cyber threats.
  • Conduct internal security audits to evaluate the organization’s security.
  • Monitor and assess AWS cloud security environments for misconfigurations and access control.
  • Analyze cloud security telemetry to detect suspicious activity and policy violations.
  • Educate users on security threats and best practices for risk mitigation.
  • Develop and maintain incident handling procedures and playbooks.

Benefits

  • Health, dental, and vision insurance options.
  • 401(k) retirement plan with company matching contributions.
  • Paid time off and holiday pay.
  • Continuous professional development and training opportunities.
Full Job Description
Position Summary

The Cybersecurity Analyst is responsible for contributing to a variety of cybersecurity functions within the organization. This position is pivotal in maintaining and growing a proactive cybersecurity posture within the organization by promptly addressing security events, helping contribute to our cybersecurity roadmap, and ensuring that all stakeholders are well-informed about potential threats and preventive measures. The ideal candidate for this position is someone with a great technical foundation in cybersecurity, networking, and systems who is hungry to expand on their skills to contribute to an enterprise's overall cybersecurity program.

Key Job Responsibilities
  • Investigate and respond to tickets generated by the organization's Managed Detection and Response (MDR) provider.
  • Actively engage in incident response and root cause analysis. Participate in incident response activities to analyze and remediate cyber threats.
  • Perform internal security audits to assess the organization's security posture, identify potential weaknesses, and recommend corrective measures.
  • Monitor and assess the security of cloud environments (AWS), including review of IAM policies, roles, and permissions to enforce least-privilege access and identify misconfigurations or privilege escalation paths.
  • Analyze cloud security telemetry - including AWS CloudTrail, GuardDuty, Security Hub, CloudFormation Guard and CloudWatch - to detect, investigate, and respond to suspicious activity and policy violations.
  • Educate and raise awareness among the user community about various security threats, best practices, and measures to mitigate risk.
  • Prioritize risk reduction and remediation tasks to support a vulnerability management program.
  • Develop and maintain technical procedures and playbooks focused on incident handling.
  • Communicate effectively with technical and non-technical teams while working to improve overall cybersecurity effectiveness.
  • Participate in tabletop exercises designed to simulate potential cybersecurity incidents.
  • Conduct research, analysis, and correlation of events across a wide variety of data sources.
  • Demonstrate the ability to effectively leverage AI and LLMs to drive value while proactively identifying and mitigating emerging risks.

Required Knowledge, Education, Experience, Skills, And Abilities
  • Bachelor's degree in computer science, cybersecurity or related field or equivalent work experience.
  • 2-3 years of experience in security operations, vulnerability management, security engineering, incident response, or offensive security required.
  • Conceptual and technical knowledge of modern IT environments such as server configuration/architecture, cloud, database management/configuration, networking protocols/designs, and access management/access controls.
  • Working knowledge of AWS security fundamentals, including IAM (users, roles, policies, permission boundaries, and federation), the shared responsibility model, and core security services such as CloudTrail, GuardDuty, Security Hub, Config, and KMS.
  • Familiarity with cloud identity and access management concepts - least-privilege design, role assumption (STS), policy evaluation logic, and detecting over-permissioned or stale credentials.
  • Experience monitoring cloud environments for security events and correlating cloud logs with broader SIEM/MDR data sources is preferred.
  • Strong technical skills with knowledge of a wide variety of tools, and technologies, and experience deploying and monitoring these capabilities to identify cyber threats.
  • Knowledge of common cybersecurity frameworks and how to apply them, e.g., NIST 2.0 CSF, MITRE ATT&CK (including the ATT&CK Cloud matrix).
  • Demonstrated interpersonal skills and ability to work effectively and collaboratively with a wide range of stakeholders.
  • Demonstrated confidence and ease in delivering clear, effective verbal and written communication.
  • Experience in scripting and programming languages such as PowerShell, Bash, or Python is preferred.
  • Cybersecurity training or certifications from organizations such as CompTIA, TCM, SANS/GIAC, OffSec, ISC(2) is preferred; AWS certifications (e.g., AWS Certified Security - Specialty or Solutions Architect Associate) are a plus.

" This position is not eligible for visa sponsorship (e.g., H-1B). Applicants must be currently authorized to work in the United States on a permanent basis and reside within a reasonable commuting distance of Southfield, Michigan location."

Unsolicited Resumes from Third-Party Recruiters: We do not accept unsolicited referrals from third-party recruiters unless such recruiters are engaged and under contract to provide candidates for a specified opening. Any unsolicited resumes submitted without prior agreement will be considered the property of Barton Malow with the right to engage at our sole discretion without any obligations or fees owed.

About Barton Malow Company

Barton Malow Company is a construction company that provides pre-construction, construction management, design-build, program management, general contracting, technology and equipment installation services. The company serves various industries including healthcare, education, sports and entertainment, industrial, energy, and federal. Barton Malow Company was founded in 1924 and is headquartered in Southfield, Michigan.
Learn more about Barton Malow Company
Size
2,000 employees
Industry
5 Year Trend
+5%
Revenue
$1.5 billion

Similar Jobs

More Jobs at Barton Malow Company

More Information Technology Jobs

Find similar Cybersecurity Analyst (AWS Cloud Security) jobs: