vmysmartpros

Compensation

Full Description

Job title: Senior Azure Cloud Security Engineer Company: CenterGrid LLC Job description: Job description The Sr. Azure Cloud Security Engineer will be responsible for driving, implementing, managing, monitoring, and governance of Azure Security and Threat Operations to ensure that we remain proactively positioned with the ever-evolving threat and compliance landscape. To achieve this goal, this person will drive, collaborate on, and implement secure designs, contribute changes to our infrastructure-as-code by implementing security controls as necessary, develop and cultivate threat models, countermeasures, and compensating controls. Additionally, this person will drive the design and deployment of new tools to continue improving our security posture. As such, the Sr. Azure Cloud Security Engineer is expected to stay abreast with emerging Azure Cloud technologies and implementations, as well as their impact on the security landscape. You will use your technical experience to assess, design, engineer, implement, and manage security operational controls and tooling. These controls will be aligned and focused on maintaining compliance with security standards including but not limited to SOC2 TypeII, HITRUST CSF, NIST SP800-53 (Rev5). The Sr. Azure Cloud Security Engineer will partner with infrastructure, DevOps, and Security teams on security strategy, implementation, and management. We are looking for individuals with a passion for security, technology, and innovation. Individuals should be champions of security who are eager to work on a collaborative team to drive change, create security tools and services, and to solve problems ultimately protecting company and customer intellectual property, data, and customer data. Essential Duties / Responsibilities Strategic • Serve as an Azure security SME and provide guidance on industry best practices and in-depth defense strategies • Contribute to the ongoing support, development, and maintenance of the infosec and risk management program • Provide technical expertise on trends and emerging changes to Azure cloud security landscape • Key member of the Detection and Response team to operationalize newly developed security capabilities and perform investigations related to security incidents Proactive • Research, design, collaborate, Implement, maintain and monitor security solutions including but not limited to Azure advanced DDoS protection, NextGen Firewalls, host and network-based intrusion detection and intrusion prevention, WAFs, Application Gateways, load balancers, continuous security monitoring and risk assessment for our Azure cloud infrastructure • Proactively identify security issues, recommend, collaborate on, and implement configuration remediations • Identify opportunities for security improvement of our cloud infrastructure and services • Analyze and make recommendations to improve security of our cloud infrastructure, platform, and architectures • Examine network, server, application, and aggregated logs to determine trends and identify security incidents • Ensure implementation of security and compliance requirements are met and maintained Tactical/Daily • Maintain and create security and operational controls to enforce security policies • Work closely with the Infrastructure, DevOps, and Security teams to resolve security related configuration issues • Develop, document, and maintain security and compliance architecture standards for our Azure cloud • Assess, measure, and communicate the risk impact of identified security deficiencies and remediate as appropriate • Implement, review, and maintain strong access controls and identity roles within Azure IAM • Maintain and improve continuous monitoring of Azure resources • Review and approve controls needed to protect technology assets and data • Configure and troubleshoot security infrastructure resources • Collaborate with DevOps to ensure cloud security for promoting DevSecOps • Participate in the ongoing maintenance, testing, and improving the incident response program • Work with Infrastructure, DevOps, and security Teams to ensure security is factored into evaluation and deployment • Assist in the review and updates to infosec policies, architectures, and standards • Assists in responding to audits, penetration tests and vulnerability assessments • Drive ongoing hardening of Azure infrastructure Qualifications/Skills Requirements • Bachelor's degree required Computer Science, Information Security, or related field • 7+ years of experience working in security focused engineering roles • 5+ years’ experience implementing, enhancing, and operationally managing security solutions in Azure • Cyber threat vectors and countermeasures • Windows and Linux platforms • Cloud Infrastructure and Cloud Security • Strong understanding of networking basics, including TCP/IP and layer 7 protocols and the security practices around Networking (WAN, LAN, wLAN, NSGs), network domains (Internet, intranet, DMZ), communication techniques/protocols (IP and others), and their combined effects on network and host systems security • LogAnalytics, Security Center, Sentinel, Defender for Cloud, SIEM, SOAR • Vulnerability scanning, DLP • VPN, NextGen Firewalls, network monitoring, advanced DDoS protection, host-based and network-based intrusion detection and intrusion prevention, WAFs, App Gateways, Active Directory, web server security, IdP, etc. • Foundational / functional understanding of APIs (RESTful, SOAP, Websockets, Federated Auth flow) • Solid understanding of audit methodologies and processes for compliance with SOC1/SOC2, HiTrust, etc. • Security technologies including encryption, data protection, access privilege management • Strong knowledge of common vulnerabilities and advanced exploitation techniques required • Experienced in Azure Devops and with Azure IAC/ARM infrastructure as code templates • Solid coding and scripting skills (PowerShell, Bash, Kusto, etc.) • Practical experience with database security, content filtering • Experience with IAM strategy, best practices and design • Experience with Active Directory and Azure AD • Experience with WSUS • Experience with industry security frameworks (HITRUST CSF, NIST CyberSecurity, OWASP, SANS, etc.). • Experience with implementation of single and multi-tenant cloud environments • Experience in securing serverless compute and cloud platform services such as Azure Functions • Experience creating and maintaining threat models • Solid understanding of modern attacker tactics, techniques, and procedures • Knowledge on Azure security detection and response Big Pluses to Have • Information Risk or Security Certifications - (Azure Security AZ-500, CISSP, CCSP, CIAM) • Experience working with container-based architectures • Have worked in a rapid-growth software development/SaaS organization before Personal Attributes • Self-driven; motivated and possesses the ability to work independently with little or no supervision • Excellent inter-personal skills: ability to interact with all layers of personnel • Ability to communicate learnings gleaned from analysis in a clear, concise manner • Outstanding written, verbal, and presentation skills • Strong attention to detail • Experience working with virtual teams in a global environment • Adaptable and agile • Good interpersonal, partnership, and leadership skills (without direct authority of others) • Thrives in a fast-moving work environment Powered by JazzHR Expected salary: Location: Cincinnati, OH Apply for the job now! [ad_2]