Cloud Security Analyst (IGT1)

IGT1 is a rapidly growing offshore technology and talent solutions company based in Port City Colombo. We are a fully owned subsidiary of IGT I Holdings Sweden AB, funded by the three of world’s leading private equity firms; EQT Group, Hg, and TA Associates. We’re also proud to be a sister company of IFS, Sri Lanka’s largest and most established technology company. 

At IGT1, we partner with global businesses to provide them with an operation that maximizes efficiency, spurs growth, allows them to develop and deliver world-class product and services, and create long-term value. Our people-first culture champions diversity, teamwork, and continuous learning, creating an environment where talent thrives. 

With a team of over 500 professionals and counting, we are always looking for passionate, skilled individuals who want to make a global impact while being part of something extraordinary. 

Through our offshore collaboration model, you'll be embedded within the team of one of our esteemed international clients, contributing directly to high-impact, enterprise-level initiatives.

About Rhapsody:

Rhapsody Health is at the forefront of revolutionizing healthcare with cutting-edge technology that drives meaningful change. Our platform empowers healthcare providers and patients to enhance care delivery and streamline processes, making a tangible impact on the healthcare landscape. As a B Corporation, we are deeply committed to balancing purpose with profitability, and our global team spans countries including Canada, Spain, Switzerland, the United Kingdom, the United States, New Zealand and Sri Lanka.

We are seeking Staff Developers to join our mission of transforming healthcare through innovation and excellence. In this role, you'll be instrumental in advancing our world-class healthcare solutions, collaborating closely with product, design, and engineering teams in a dynamic, outcome-focused environment. If you’re passionate about making a difference and thrive in a collaborative setting, we invite you to be part of our journey to redefine healthcare for the better.

We are seeking aCloud Security Analyst with2–3 years of hands-on AWS Cloud Engineer or Cloud Operations experience who has moved into (or is moving into) cloud security. This role requires someone who hasworked directly in AWS production environments and can apply that operational knowledge to identify, analyze, and remediate security risks using modern cloud security tools.

This isnot an entry-level security role andnot a penetration testing position. The role is focused oncloud security operations (SOC-style), ownership of findings, and driving remediation.

Key Responsibilities

• Monitor and analyze cloud security posture acrossAWS environments using:
  • Upwind (CSPM)
  • AWS Security Hub
  • AWS GuardDuty
  • AWS Inspector
• Monitor and respond to endpoint and workload security alerts usingSentinelOne
• Identify, assess, and track:
  • CVEs
  • IAM misconfigurations
  • Cloud infrastructure security risks
• Logically analyze and triage security alerts/events and determine appropriate response and escalation
• Drive remediation of security findings by working directly with Cloud Engineering, DevOps, and Operations teams
• Apply hands-on AWS operational knowledge to recommendpractical, implementable security fixes
• Maintain clear documentation of:
  • Security findings
  • Risk assessments
  • Remediation actions and outcomes
• Communicate security risks, priorities, and remediation status clearly to technical teams and leadership
• Support internal security standards, compliance requirements, and best practices
• Continuously improve cloud security workflows, alerting, and operational processes

Required Skills & Experience (Must Have)

• 2–3 years of hands-on experience as an AWS Cloud Engineer or Cloud Operations Engineer
• Direct experience operatingproduction AWS environments
• Strong hands-on knowledge of AWS services, including:
  • IAM, EC2, VPC, Security Groups, CloudTrail, CloudWatch
• Experience using cloud and endpoint security tools such as:
  • Upwind (or similar CSPM platform)
  • AWS Security Hub
  • AWS GuardDuty
  • AWS Inspector
  • SentinelOne
• Strong understanding of cloud security fundamentals, including:
  • CVEs
  • IAM misconfigurations
  • Secure cloud architecture principles
• Experience in acloud security operations or SOC-style environment
• Ability to logically evaluate security alerts and determine next steps
• Strong written and verbal communication skills
• Proven ability to work cross-functionally anddrive issues to closure
• Detail-oriented with strong documentation and organizational skills

Nice to Have

• Upwind or CSPM tool hands-on experience
• Experience supporting SaaS platforms or regulated environments (e.g., healthcare, financial services)
• Exposure to compliance frameworks and internal security standards
• Background in DevOps or SRE-style operational teams
• Experience working with globally distributed teams

What We’re Looking For

• Someone who hasactually built and operated AWS environments, not just reviewed them
• A self-starter who takesownership of security findings end-to-end
• A strong communicator who can bridge cloud engineering and security
• A practical, execution-focused security professional

What Success Looks Like in This Role

• Security alerts are triaged quickly and accurately
• Findings are driven to remediation, not just reported
• Engineering teams trust and act on security recommendations
• Cloud security posture measurably improves over time
• Repeated misconfigurations and vulnerabilities are reduced

We champion flexibility and hybrid work options to support varying lifestyles and personal needs. At the same time, we value the power of in-person collaboration to build community, spark innovation, and strengthen connections. Our approach ensures you can work in ways that suit you best while still engaging with colleagues to share ideas and grow together. #LI-Hybrid #LI-DNP