Azure Cloud and Security Engineer (SC-200/SC-300, CISSP)

The IT Cloud (Azure) and Security Engineer plays a critical role in designing, implementing, and securing cloud-based infrastructure and applications within Microsoft Azure. This position supports IT development and security initiatives by managing cloud systems, enforcing security protocols, and producing high-quality documentation, diagrams, and procedures that ensure operational clarity and compliance. Installs, monitors, and directs proactive and reactive computer network defense measures to ensure the availability, integrity, and reliability of systems. Supports Disaster Recovery and Business Continuity programs. Prioritizes and plans work activities;sets goals and objectives; uses time efficiently; communicates activities and results as appropriate. These are the foundational domains the engineer should understand deeply: - Microsoft Azure Architecture & Services - Compute (VMs, App Services, Functions) - Networking (VNets, NSGs, Azure Firewall, ExpressRoute) - Storage (Blob, File, Disk) - Identity (Azure AD, Conditional Access, RBAC) - Monitoring (Log Analytics, Azure Monitor, Sentinel) - Cloud Security & Compliance - Zero Trust principles, defense-in-depth, and secure access patterns - Azure-native security tools (Defender for Cloud, Key Vault, Security Center) - Regulatory frameworks (NIST 800-53, CJIS, HIPAA, FedRAMP, CIS Benchmarks) - Infrastructure as Code (IaC) & Automation - Bicep, Terraform, ARM templates - GitHub Actions, Azure DevOps, PowerShell scripting - ITIL & Change Management - Incident, problem, and change management processes - Documentation standards and lifecycle management - Enterprise Documentation Practices - Diagramming (Visio, Lucidchart) - SOPs, runbooks, and flowcharts for repeatable processes These are the applied capabilities the engineer should demonstrate: - Cloud Deployment & Optimization - Design and deploy scalable, cost-effective Azure solutions - Monitor and tune performance, availability, and cost - Security Engineering - Configure and monitor security baselines, alerts, and threat detection - Perform vulnerability assessments and remediation - Technical Documentation - Translate complex systems into clear, visual, and written documentation - Maintain version-controlled documentation repositories - Customer Support & Troubleshooting - Provide Tier 3 support for cloud and security incidents - Communicate clearly with non-technical stakeholders during escalations - Collaboration & Cross-Team Enablement - Work with developers, compliance officers, and IT operations - Lead knowledge-sharing sessions and contribute to team wikis These reflect the engineer’s capacity to apply knowledge and skills in real-world settings: - Diagnose and resolve complex cloud and security issues independently - Design secure-by-default architectures that meet compliance mandates - Document and communicate technical concepts to diverse audiences - Balance proactive security hardening with agile development needs - Adapt to evolving technologies and regulatory requirements.