District Partners
Base pay range
$120,000.00/yr - $140,000.00/yr
Technical Recruiting @ District Partners LLC
District Partners is supporting a mission-focused organization headquartered in Washington, DC in its search for a Senior Cloud Security Analyst. This is a hybrid role requiring 2 days per week onsite at HQ.
This organization plays a pivotal role in protecting sensitive systems and supporting national-level initiatives. The security team has strong executive backing, a mature cloud/SaaS environment, and a culture that values analytical rigor, clear procedures, and collaboration. Your work directly supports programs and missions that matter.
This role is analyst-focused, not engineering-heavy. You will be responsible for monitoring cloud environments, investigating security events, and leading incident response, while supporting an existing Threat Analyst on the team.
What You’ll Do:
Serve as a senior escalation point for cloud security alerts and incidents, supporting and collaborating with the Threat Analyst
Lead incident response activities: triage, investigation, containment, remediation, and post-incident reporting
Monitor AWS, Azure, and SaaS environments for suspicious activity using SIEM, cloud-native security tools, and log sources
Conduct security investigations and cyber threat analysis within a cloud/SaaS environment
Perform threat detection and alert tuning (use-case driven, not tool engineering)
Follow and help refine incident response playbooks, SOC 2 controls, and security procedures
Produce clear documentation, incident reports, and root-cause analyses for technical and non-technical stakeholders
Partner with IT and compliance teams to support SOC 2 and NIST-aligned security operations
What You’ll Have:
5+ years of cybersecurity experience, with a strong emphasis on security operations and incident response
Background in SaaS or cloud technical support that evolved into a SOC, IR, or cloud security analyst role
Hands‑on experience investigating incidents in AWS, Azure, and M365 environments
Strong understanding of cloud logs, identity events, access anomalies, and SaaS security telemetry
Experience operating in a SOC 2–regulated environment
Familiarity with SIEM platforms, alert triage workflows, and escalation procedures
Comfortable working from established security tooling rather than building tools from scratch
Nice to Have (Not Required):
Certifications such as GCIH, GCED, GCIA, CCSP, or cloud security fundamentals
Experience supporting or mentoring junior analysts
Why This Role:
Senior‑level influence without engineering‑heavy expectations
Opportunity to focus on real‑world incident response and investigations
Stable, mission‑driven organization with executive support for security
Clear procedures, defined escalation paths, and mature cloud operations
Total Compensation:
~$140K depending on experience
Work Environment:
Politically engaged, nonpartisan organization
*No sponsorship available for this role
Seniority level Associate
Employment type Full‑time
Job function Information Technology
Industries Civic and Social Organizations