Cloud Security Analyst – Cloud Infrastructure Protection (AWS/Azure)

Remote
United States
Posted 5 days ago

This is a full-time, Fully Remote Cloud Security Analyst role at KnowBe4, a global leader in security awareness training. The position functions as a “first responder” for the cloud ecosystem, focusing on real-time monitoring, incident management, and threat hunting across AWS and Azure environments. This role is highly operational, requiring a blend of defensive monitoring and offensive security thinking.

  • Location: Fully Remote, United States.
  • Salary Range: $80,000 – $85,000 (Base pay).
  • Experience Required: 2+ years of hands-on experience in cloud security, InfoSec operations, or alert monitoring.
  • Application Deadline: 12/30/2025.
  • Focus: Triage and response for SIEM/CSPM alerts, incident containment, threat hunting using MITRE ATT&CK, and partnering with engineering for vulnerability remediation.

What You’ll Do: Monitoring, Response, and Alert Engineering

The Analyst is the primary line of defense, ensuring that cloud alerts are translated into actionable intelligence and resolved through strong engineering principles.

  • Security Monitoring & Response: Continuously triage alerts from SIEM, CSPM, and CWPP tools to distinguish real threats from noise.
  • Incident Management: Lead cloud security investigations from initial detection through containment, eradication, and recovery.
  • Threat Hunting: Proactively search log feeds for emerging attack patterns and perform root cause analysis on vulnerabilities.
  • Alert Engineering: Build and refine security dashboards and alerts that reduce “alert fatigue” while surfacing critical signals.
  • Security Validation: Conduct security reviews and penetration testing across cloud infrastructure to identify weaknesses.
  • Infrastructure as Code (IaC): Partner with engineering to ensure findings are remediated using tools like Terraform or CloudFormation.

Required Technical Expertise and Qualifications

KnowBe4 is looking for a “builder” who uses modern tools (including AI) to automate security workflows and possesses a foundational understanding of both defensive and offensive security.

  • Core Experience: 2+ years in security operations (SOC) or cloud security monitoring.
  • Technical Domain Knowledge:
    • Navigating AWS and/or Azure environments.
    • Linux command line and basic scripting.
    • Understanding of containers, APIs, and databases.
  • Builder Mindset: Demonstrated ability to use AI-assisted development to write scripts and automate repetitive tasks.
    • Experience with Terraform or CloudFormation is expected.
  • Offensive Security: Familiarity with the OWASP Top 10 and common penetration testing concepts/tools.
  • Soft Skills: Strong organizational skills to manage multiple simultaneous investigations and communicate findings to technical and non-technical stakeholders.
  • Bonus Points:
    • Certifications: AWS Security Specialty or Azure Security Engineer.
    • Practical experience mapping alerts to the MITRE ATT&CK Framework.
    • Degree in Computer Science or InfoSec.

Job Features

Job Category: Cloud Engineering, Security
