Cybersecurity Engineer (Microsoft Azure/M365/AWS)

About The Position

Requirements

• Bachelor’s degree and five years of experience in systems engineering or administration or an equivalent combination of education and work experience
• In-depth knowledge in applied enterprise information security technologies including but not limited to firewalls, intrusion detection/prevention systems, network operating systems, identity management, database activity monitoring, encryption, content filtering, and Mainframe security
• Previous experience in planning and managing IT projects

Nice To Haves

• Bachelor’s degree and six years of experience or an equivalent combination of education and work experience
• Banking or financial services experience
• For a Build Engineer: Experience creating build definitions. Experience with setting up branching approach, defining merging approach. Experience supporting configuration of automated unit testing. Experience supporting configuration of build package, providing oversight when a build is checked-in into the CI server, handling build dependency impediments raised by the team. Experience managing the build process for multiple releases

Responsibilities

• Design and implement enterprise Azure AD solutions including Conditional Access, MFA, Privileged Identity Management (PIM), and passwordless authentication while ensuring zero-trust security principles
• Configure and manage Azure RBAC, custom role definitions, and Azure AD roles to enforce least-privilege access across cloud resources and applications
• Implement identity governance frameworks including access reviews, lifecycle management, and automated provisioning/deprovisioning workflows
• Architect and deploy defense-in-depth security controls using Azure Security Center, Microsoft Defender for Cloud, and Azure Sentinel for threat detection and response
• Design and implement network security solutions including Azure Firewall, NSGs, Application Gateway WAF, and private endpoints to secure cloud workloads
• Configure Azure Policy, Blueprints, and management groups to enforce security compliance and governance standards across subscriptions
• Monitor and respond to security incidents using Azure Sentinel SIEM/SOAR, implementing automated playbooks and investigation workflows
• Implement data protection strategies using Azure Key Vault for secrets management, encryption at rest/in transit, and Azure Information Protection
• Ensure compliance with regulatory requirements (SOC2, HIPAA, GDPR) through Azure Compliance Manager and continuous security assessments
• Integrate security into CI/CD pipelines using Azure DevOps, implementing infrastructure as code (Terraform/Bicep) with built-in security controls
• Develop PowerShell and Azure CLI scripts to automate security tasks, compliance reporting, and identity management operations
• Implement container security for AKS environments including pod security policies, Azure AD integration, and container image scanning

Benefits

• Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates.
• Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays.
• Depending on the position and division, this job may also be eligible for Truist’s defined benefit pension plan, restricted stock units, and/or a deferred compensation plan.