Cloud Security Architect

About The Position

Requirements

• Bachelor's Degree or higher in Computer Science or equivalent
• 5+ years of prior work experience experience in cloud architecture or solution design with a focus on Microsoft Azure and Microsoft 365 security
• Proven expertise in cloud security best practices, with strong knowledge of Azure Security Center, Microsoft Defender, and other security tools.
• Hands-on experience with Azure Active Directory (AAD)/Entra ID, Conditional Access, Identity Protection, and security policies.
• In-depth knowledge of Data Loss Prevention (DLP) strategies and tools within Microsoft 365 and Azure.
• Understanding of compliance frameworks and regulatory requirements (e.g., GDPR, SOC 2, ISO 27001, HIPAA).
• Strong background in encryption, identity and access management (IAM), and security monitoring tools such as Azure Sentinel, Cloud App Security, Microsoft Defender for Identity, and CrowdStrike Falcon and CS dashboard.
• Experience implementing security features such as Zero Trust architecture, threat detection, and vulnerability management.
• Familiarity with PowerShell scripting, Azure CLI, and other automation tools for managing cloud resources securely.
• Knowledge of Azure Firewall, Azure Front Door, Web Application Firewall (WAF), and other Azure security solutions.
• Experience in developing or maintaining security operations centers (SOC) or managing security incident response processes.
• Strong analytical and problem-solving skills, with the ability to identify and address security vulnerabilities.
• English required

Nice To Haves

• Azure Solutions Architect Expert (AZ-303/304 or AZ-305) or equivalent certifications an advantage.
• Certified Information Systems Security Professional (CISSP) or other security-related certifications an advantage.
• Microsoft Certified: Security, Compliance, and Identity Fundamentals or advanced security certifications an advantage
• Experience with Azure Sentinel for security incident monitoring and response an advantage.
• Familiarity with Microsoft Defender for Cloud and integration with third-party security tools an advantage
• Understanding of advanced cloud threat models and vulnerability scanning methodologies an advantage
• Strong communication and presentation skills with the ability to interact with both technical and non-technical stakeholders an advantage.

Responsibilities

• Design and implement secure cloud infrastructures using Microsoft Azure and Microsoft 365 services
• Architect and manage secure Azure Active Directory (AAD)solutions
• Leverage Azure Security Center, Microsoft Defender, and other tools to establish best practices for securing cloud environments
• Ensure that all cloud architectures comply with industry regulations and internal security policies
• Identify potential security risks in cloud services and design mitigation strategies
• Implement cloud security tools such as Azure Sentinel, Microsoft Defender for Identity, and Cloud App Security to monitor and automate threat detection and response
• Ensure the encryption of data at rest and in transit across all cloud environments
• Work closely with internal stakeholders, external clients, and vendors to ensure cloud environments are designed with a focus on security and meet business objectives
• Provide leadership in identifying, responding to, and remediating security incidents or vulnerabilities within cloud services
• Participation in day-to-day vulnerability management activities and keep improving vulnerability management process
• Educate teams on cloud security best practices, DLP policies, and compliance requirements
• Define and agree, together with stakeholders, the BCM process and plans, disaster recovery plans and metrics and goals