Cloud Security Operations Senior Analyst

📍 Job Overview

• Job Title: Cloud Security Operations Senior Analyst
• Company: LSEG
• Location: Colombo, Western Province, Sri Lanka
• Job Type: On-site, Full-Time
• Category: Cybersecurity, IT Security
• Date Posted: 2025-07-30
• Experience Level: Mid-Senior level (2-5 years)

🚀 Role Summary

• 📝 Enhancement Note: This role focuses on cloud security operations, requiring a strong background in cloud security, incident response, and risk assessment. The ideal candidate will have experience with public cloud service providers such as AWS, Azure, GCP, and OCI.

• The Cloud Security Operations Senior Analyst is responsible for carrying out day-to-day operational aspects of cloud security. This involves performing risk assessments on cloud change requests, monitoring security alerts, and ensuring remediation actions are taken when necessary. The role also includes supporting various teams such as Cloud SRE, Cloud Engineering, and the Global Security Operations Centre (GSOC).

💻 Primary Responsibilities

• 📝 Enhancement Note: The primary responsibilities listed below require a strong understanding of cloud security best practices, risk assessment methodologies, and incident response processes.

• 🔒 Risk Assessment & Approval:

  • Perform risk assessments on cloud change requests requiring cybersecurity review and approval.
  • Ensure that all changes comply with LSEG's security policies and standards.

• 🛡️ Security Alert Monitoring & Investigation:

  • Monitor cloud security alerts and investigate threat notifications and control gaps.
  • Determine if remediation actions are required to address potential security risks.

• 📈 Alert Efficiency Analysis:

  • Analyze the efficiency of cloud security alerts and propose refinements to reduce false positives.
  • Collaborate with relevant teams to optimize alerting systems and improve overall security posture.

• 🤝 Team Support:

  • Support the GSOC team with cloud security investigations as needed.
  • Assist Cloud Engineering and Cloud SRE teams with security-related questions or issues.
  • Support LSEG application teams with security-related questions or issues.

• 📊 Control Exceptions Recertification & Reporting:

  • Conduct periodic cloud security control exceptions recertification campaigns.
  • Produce periodic cloud security control housekeeping reports and assist application teams with remediation efforts.

• 📚 Runbook Documentation:

  • Create cloud security operations runbooks to document day-to-day processes and procedures.

🎓 Skills & Qualifications

Education: A bachelor's degree in Computer Science, Information Technology, or a related field is preferred. Relevant certifications such as CISSP, CISM, or CCSP would be an added advantage.

Experience: Proven experience (2-5 years) in cloud security, incident response, or a related role. Experience with public cloud service providers (AWS, Azure, GCP, OCI) is essential.

Required Skills:

• Strong understanding of cloud security best practices and risk management.
• Experience with incident response and security alert monitoring.
• Proficiency in performing risk assessments and ensuring compliance with security policies.
• Excellent communication and collaboration skills.
• Strong analytical and problem-solving skills.

Preferred Skills:

• Experience with cloud security tools and platforms.
• Familiarity with cloud security frameworks and standards (e.g., CIS Benchmarks, NIST SP 800-53).
• Knowledge of scripting languages (e.g., Python, Bash) for automating security tasks.
• Experience with cloud security automation and orchestration tools.

📊 Web Portfolio & Project Requirements

📝 Enhancement Note: As this role focuses on cloud security operations, a portfolio showcasing relevant projects, incident response case studies, and risk assessment examples would be most valuable.

Portfolio Essentials:

• Risk Assessment Case Studies: Include examples of risk assessments you've performed on cloud change requests, highlighting your decision-making process and the outcome.
• Incident Response Case Studies: Demonstrate your incident response skills by presenting case studies of security incidents you've handled, including the steps you took to mitigate the threat and restore normal operations.
• Security Tool Demonstrations: Showcase your experience with cloud security tools by providing live demos or screenshots of tools you've used in previous roles.

Technical Documentation:

• Risk Assessment Templates: Include templates or examples of risk assessment documents you've created to ensure consistency and thoroughness in your risk assessment process.
• Incident Response Plans: Provide examples of incident response plans you've developed or contributed to, demonstrating your understanding of incident response best practices.
• Security Policy Documentation: Showcase your experience with security policy documentation by including examples of policies you've helped create or maintain.

💵 Compensation & Benefits

Salary Range: The salary range for this role in Colombo, Sri Lanka, is estimated to be between LKR 1,500,000 - LKR 2,500,000 per annum, based on market research and industry standards for mid-senior level cybersecurity roles.

Benefits:

• Comprehensive health insurance coverage.
• Retirement planning and pension schemes.
• Generous annual leave and flexible working arrangements.
• Employee assistance programs for mental health and wellbeing.
• Opportunities for professional development and training.
• A dynamic and inclusive work environment with a diverse team.

Working Hours: The standard working hours for this role are 40 hours per week, with flexibility for occasional overtime or on-call duties during security incidents.

🎯 Team & Company Context

🏢 Company Culture

Industry: LSEG is a leading global financial markets infrastructure and data provider, driving financial stability, empowering economies, and enabling customers to create sustainable growth.

Company Size: LSEG employs over 25,000 people across 65 countries, providing a large and diverse team to collaborate with and learn from.

Founded: LSEG was founded in 1801 and has a rich history in the financial services industry.

Team Structure:

• The Cloud Security Operations team is part of the Global Security function, working closely with various cloud-related teams such as Cloud SRE, Cloud Engineering, and the Global Security Operations Centre (GSOC).
• The team is responsible for ensuring the security of LSEG's cloud environments and protecting its data and applications.

Development Methodology:

• LSEG follows Agile methodologies for software development and cloud security operations.
• The team uses collaborative tools such as Jira and Confluence to manage tasks, track progress, and document processes.
• Regular stand-ups, sprint planning, and retrospectives are held to ensure continuous improvement and effective team collaboration.

Company Website: LSEG

📝 Enhancement Note: LSEG's culture is built on the values of Integrity, Partnership, Excellence, and Change. The company encourages innovation, collaboration, and sustainable growth, providing an ideal environment for cybersecurity professionals looking to advance their careers.

📈 Career & Growth Analysis

Cloud Security Operations Career Level: This role is at the senior analyst level, focusing on cloud security operations and incident response. The ideal candidate will have a strong background in cloud security, risk assessment, and incident response, with experience working in a similar role.

Reporting Structure: The Cloud Security Operations Senior Analyst reports directly to the Cloud Security Manager and works closely with various teams, including Cloud SRE, Cloud Engineering, and the Global Security Operations Centre (GSOC).

Technical Impact: The role has a significant impact on LSEG's overall security posture, as the incumbent is responsible for monitoring and responding to security incidents in cloud environments. The role also involves implementing security measures and ensuring compliance with security policies, contributing to the organization's ability to protect its data and applications.

Growth Opportunities:

• Technical Specialization: As the cloud security landscape evolves, there will be opportunities to specialize in specific areas, such as cloud security architecture, cloud security engineering, or cloud security compliance.
• Leadership Roles: With experience and demonstrated expertise, there may be opportunities to take on leadership roles, such as Cloud Security Manager or Principal Cloud Security Architect.
• Global Mobility: LSEG's global presence provides opportunities for international assignments or relocations, allowing professionals to gain experience working in different regions and cultures.

📝 Enhancement Note: LSEG's global presence and commitment to professional development provide numerous growth opportunities for cybersecurity professionals looking to advance their careers in the cloud security domain.

🌐 Work Environment

Office Type: LSEG's Colombo office is a modern, collaborative workspace designed to foster innovation and teamwork. The office features open-plan workspaces, meeting rooms, and breakout areas, providing a comfortable and productive environment for employees.

Office Location(s): LSEG's Colombo office is located in the heart of the city, with easy access to public transportation and amenities.

Workspace Context:

• Collaboration: The open-plan workspace encourages collaboration and knowledge-sharing among team members and across departments.
• Technology: The office is equipped with state-of-the-art technology, including high-speed internet, multiple monitors, and specialized software for cloud security operations.
• Flexibility: The office offers flexible work arrangements, such as remote work or flexible hours, to accommodate employees' personal needs and preferences.

Work Schedule: The standard work schedule is Monday to Friday, 9:00 AM to 5:30 PM, with a one-hour lunch break. However, the role may require occasional overtime or on-call duties during security incidents.

📝 Enhancement Note: LSEG's Colombo office provides a modern, collaborative workspace that fosters innovation and teamwork, with flexible work arrangements to accommodate employees' personal needs and preferences.

📄 Application & Technical Interview Process

Interview Process:

1. Online Assessment: Candidates will be required to complete an online assessment to evaluate their technical skills and problem-solving abilities.
2. Technical Phone Screen: A brief phone call to discuss the candidate's experience, qualifications, and career aspirations.
3. On-site Interview: A face-to-face interview with the Cloud Security Manager and other team members to discuss the role in more detail, assess the candidate's cultural fit, and evaluate their technical skills through a series of questions and exercises.
4. Final Decision: The hiring manager will make a final decision based on the candidate's performance throughout the interview process.

Portfolio Review Tips:

• 📝 Enhancement Note: As this role focuses on cloud security operations, candidates should highlight their experience with cloud security tools, incident response case studies, and risk assessment examples in their portfolio.
• Case Studies: Include case studies demonstrating your experience with cloud security incident response, risk assessment, and security policy implementation.
• Tool Demonstrations: Showcase your experience with cloud security tools by providing live demos or screenshots of tools you've used in previous roles.
• Policy Documentation: Include examples of security policies you've helped create or maintain, demonstrating your understanding of security best practices and compliance requirements.

Technical Challenge Preparation:

• 📝 Enhancement Note: The technical interview process for this role will focus on cloud security incident response, risk assessment, and security policy implementation. Candidates should brush up on their knowledge of cloud security best practices, risk management frameworks, and incident response processes.
• Cloud Security Fundamentals: Review your understanding of cloud security best practices, risk management frameworks, and incident response processes.
• Cloud Security Tools: Familiarize yourself with popular cloud security tools and platforms, such as AWS Security Hub, Azure Security Center, or Google Cloud Security Command Center.
• Incident Response Scenarios: Practice incident response scenarios to hone your problem-solving skills and demonstrate your ability to think critically and make decisions under pressure.

ATS Keywords: [Cloud Security, Incident Response, Risk Assessment, Security Policy, Compliance, Cloud Security Operations, Cybersecurity, IT Security, Cloud Security Tools, Cloud Security Best Practices, Cloud Security Frameworks]

📝 Enhancement Note: The ATS keywords listed above are relevant to the Cloud Security Operations Senior Analyst role and should be incorporated naturally throughout the candidate's resume and portfolio.

🛠 Technology Stack & Web Infrastructure

Cloud Service Providers:

• AWS: Amazon Web Services (AWS) is a popular choice for cloud service providers, offering a wide range of services for building, deploying, and managing applications in the cloud.
• Azure: Microsoft Azure is another leading cloud service provider, offering a range of services for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.
• GCP: Google Cloud Platform (GCP) is a suite of cloud computing services that runs on the same infrastructure that Google uses internally for its end-user products, such as Google Search, Gmail, and YouTube.
• OCI: Oracle Cloud Infrastructure (OCI) is a set of cloud services that offers bare-metal cloud services, virtual machines, and container orchestration services for applications and databases.

Cloud Security Tools:

• AWS Security Hub: A centralized security and compliance center that enables you to securely manage security tasks for your AWS environment.
• Azure Security Center: A unified infrastructure security management system that helps you apply security policies at scale across your Azure deployments.
• Google Cloud Security Command Center: A security management platform that helps you prevent, detect, and respond to security threats in your Google Cloud environment.
• Oracle Cloud Security: A suite of security services that helps you protect your data and applications in the cloud, including identity and access management, data encryption, and intrusion detection.

📝 Enhancement Note: The technology stack for this role focuses on cloud security tools and platforms, with experience in one or more of the major cloud service providers (AWS, Azure, GCP, OCI) being essential.

👥 Team Culture & Values

Cloud Security Operations Values:

• Proactive Security: The team prioritizes proactive security measures to identify and mitigate potential threats before they occur.
• Collaboration: Team members work closely together and with other departments to ensure the security of LSEG's cloud environments and protect its data and applications.
• Continuous Learning: The team encourages ongoing professional development and staying up-to-date with the latest cloud security trends and best practices.
• Adaptability: The team is flexible and responsive to changes in the cloud security landscape, quickly adapting to new threats and emerging technologies.

Collaboration Style:

• Cross-Functional Integration: The Cloud Security Operations team works closely with various teams, including Cloud SRE, Cloud Engineering, and the Global Security Operations Centre (GSOC), to ensure the security of LSEG's cloud environments.
• Code Review Culture: The team follows a code review culture to ensure that all changes to cloud security tools and configurations are thoroughly reviewed and approved before deployment.
• Knowledge Sharing: The team encourages knowledge-sharing and mentoring, with regular training sessions and workshops to help team members develop their skills and advance their careers.

📝 Enhancement Note: LSEG's Cloud Security Operations team fosters a collaborative and inclusive work environment, with a strong focus on proactive security, continuous learning, and adaptability.

⚡ Challenges & Growth Opportunities

Technical Challenges:

• Cloud Security Incident Response: Develop and maintain incident response plans to ensure that the team is prepared to respond to security incidents in cloud environments effectively.
• Cloud Security Risk Assessment: Implement risk assessment processes and tools to identify and mitigate potential security risks in cloud environments.
• Cloud Security Policy Compliance: Ensure that all cloud security policies and standards are up-to-date and comply with relevant regulations and industry best practices.
• Cloud Security Automation: Automate repetitive security tasks to improve efficiency and reduce human error.

Learning & Development Opportunities:

• Cloud Security Training: Participate in cloud security training programs and certifications to enhance your knowledge and skills in cloud security best practices and emerging technologies.
• Cloud Security Conferences: Attend cloud security conferences and events to network with industry professionals and learn about the latest trends and best practices in cloud security.
• Cloud Security Mentorship: Seek mentorship opportunities from experienced cloud security professionals to gain insights into their experiences and learn from their expertise.

📝 Enhancement Note: The technical challenges and learning opportunities listed above provide a roadmap for professional development and career growth in the cloud security domain.

💡 Interview Preparation

Technical Questions:

• Cloud Security Fundamentals: Demonstrate your understanding of cloud security best practices, risk management frameworks, and incident response processes.
• Cloud Security Tools: Showcase your experience with cloud security tools and platforms, such as AWS Security Hub, Azure Security Center, or Google Cloud Security Command Center.
• Incident Response Scenarios: Walk through incident response scenarios, demonstrating your ability to think critically and make decisions under pressure.

Company & Culture Questions:

• Cloud Security Culture: Discuss LSEG's cloud security culture and how it aligns with your personal values and career aspirations.
• Cloud Security Team Dynamics: Describe your experience working in a team environment and how you would contribute to LSEG's collaborative and inclusive work culture.
• Cloud Security Career Progression: Explain your long-term career goals and how this role at LSEG would help you achieve them.

Portfolio Presentation Strategy:

• 📝 Enhancement Note: As this role focuses on cloud security operations, candidates should highlight their experience with cloud security tools, incident response case studies, and risk assessment examples in their portfolio.
• Case Studies: Present case studies demonstrating your experience with cloud security incident response, risk assessment, and security policy implementation.
• Tool Demonstrations: Showcase your experience with cloud security tools by providing live demos or screenshots of tools you've used in previous roles.
• Policy Documentation: Include examples of security policies you've helped create or maintain, demonstrating your understanding of security best practices and compliance requirements.

📝 Enhancement Note: The interview preparation tips listed above focus on cloud security fundamentals, tools, and incident response scenarios, with a strong emphasis on the candidate's ability to think critically and make decisions under pressure.

📌 Application Steps

To apply for this Cloud Security Operations Senior Analyst position at LSEG:

1. Update Your Resume: Highlight your experience with cloud security tools, incident response, risk assessment, and security policy implementation. Incorporate relevant ATS keywords naturally throughout your resume.
2. Prepare Your Portfolio: Include case studies and examples demonstrating your experience with cloud security incident response, risk assessment, and security policy implementation. Showcase your experience with cloud security tools through live demos or screenshots.
3. Research LSEG: Familiarize yourself with LSEG's company culture, values, and cloud security operations team dynamics. Understand how LSEG's cloud security culture aligns with your personal values and career aspirations.
4. Practice Interview Questions: Review the technical interview questions and company & culture questions listed above, and practice your responses to ensure you're well-prepared for the interview process.
5. Submit Your Application: Submit your application through the application link provided, following the instructions outlined in the job description.

⚠️ Important Notice: This enhanced job description includes AI-generated insights and cloud security industry-standard assumptions. All details should be verified directly with LSEG before making application decisions.