Senior Cloud Security Analyst
District Partners is supporting a mission-focused organization headquartered in Washington, DC in its search for a Senior Cloud Security Analyst. This is a hybrid role requiring 2 days per week onsite at HQ.
This organization plays a pivotal role in protecting sensitive systems and supporting national-level initiatives. The security team has strong executive backing, a mature cloud/SaaS environment, and a culture that values analytical rigor, clear procedures, and collaboration. Your work directly supports programs and missions that matter.
This role is analyst-focused, not engineering-heavy. You will be responsible for monitoring cloud environments, investigating security events, and leading incident response, while supporting an existing Threat Analyst on the team.
What You’ll Do:
- Serve as a senior escalation point for cloud security alerts and incidents, supporting and collaborating with the Threat Analyst
- Lead incident response activities: triage, investigation, containment, remediation, and post-incident reporting
- Monitor AWS, Azure, and SaaS environments for suspicious activity using SIEM, cloud-native security tools, and log sources
- Conduct security investigations and cyber threat analysis within a cloud/SaaS environment
- Perform threat detection and alert tuning (use-case driven, not tool engineering)
- Follow and help refine incident response playbooks, SOC 2 controls, and security procedures
- Produce clear documentation, incident reports, and root-cause analyses for technical and non-technical stakeholders
- Partner with IT and compliance teams to support SOC 2 and NIST-aligned security operations
This role focuses on monitoring and response, not designing or building cloud infrastructure.
What You'll Have:
- 5+ years of cybersecurity experience, with a strong emphasis on security operations and incident response
- Background in SaaS or cloud technical support that evolved into a SOC, IR, or cloud security analyst role
- Hands-on experience investigating incidents in AWS, Azure, and M365 environments
- Strong understanding of cloud logs, identity events, access anomalies, and SaaS security telemetry
- Experience operating in a SOC 2–regulated environment
- Familiarity with SIEM platforms, alert triage workflows, and escalation procedures
- Comfortable working from established security tooling rather than building tools from scratch
Nice to Have (Not Required):
- Certifications such as GCIH, GCED, GCIA, CCSP, or cloud security fundamentals
- Experience supporting or mentoring junior analysts
Why This Role:
- Senior-level influence without engineering-heavy expectations
- Opportunity to focus on real-world incident response and investigations
- Stable, mission-driven organization with executive support for security
- Clear procedures, defined escalation paths, and mature cloud operations
Location: Hybrid — 2 days/week onsite (Washington, DC metro area)
Total Compensation: ~$140K depending on experience
Employment Type: Full-time, direct hire (no contract or C2C)
Work Environment: Politically engaged, nonpartisan organization
*No sponsorship available for this role

