Sr. Security Architect/Azure Cloud Security Engineer

About The Position

Requirements

• Bachelor’s degree in cyber security, information technology or related field or equivalent experience working in field.
• 12 years of experience supporting IT with 3 years in Azure administration and security.
• 3 years of experience working with Microsoft native tools like Microsoft Defender for Identity, Microsoft Defender for Cloud, Microsoft Defender for IoT, Defender for O365 and Microsoft Sentinel.
• Good understanding of security concepts (Zero Trust Network, CASB, Cloud computing.
• Technical skills with Linux and Windows operating systems and scripting languages like PowerShell, Python, .Net.
• Soft skills set to successfully understand, challenge, and translate the business needs and communicate to the relevant parties with a structured and methodical approach to problem solving.
• Good communicator with passion for the domains of Cyber Security.
• Agile, Scrum, DevSecOps knowledge.
• Must have CISSP or equivalent (Security+, CAP, CEH) or more advanced certifications to be considered and approved by the government.
• Microsoft Azure security certifications (AZ-500, MS-500, or SC-200) strongly preferred.
• US Citizenship is required to obtain a Department of Energy security clearance.

Nice To Haves

• Strong understanding of Security tools such as Splunk, Tenable, Firepower, WebInspect,
• Strong understanding of networking, e.g., IP subnetting, Network Security Groups, routing, Azure Firewall, ExpressRoute, load balancer, DNS.
• Strong understanding of configuring security policies and securing applications and data.
• Strong familiarity with cloud capabilities and products and services for Azure, e.g., Azure Active Directory, Privileged Identity Management, VMs, Container Registry, Azure Kubernetes Services (AKS), Data Services, and KeyVault.
• Strong understanding of Security processes in the Government sector.
• Good interpersonal skills also required to work closely together with products owners and cloud architects to help build a secure and robust enterprise-grade cloud platform.
• Certifications in Azure Security Engineer Associate (AZ-500) and other industry certifications are preferred including Security+, CEH, OSCP, CCSK, GIAC.

Responsibilities

• Maintain and improve the security posture of the Azure platform by identifying, and remediating vulnerabilities by using a variety of security tools.
• Provide cyber security expertise in the analysis, assessment, development, and evaluation of security solutions and architectures to secure applications, operating systems, databases, and networks.
• Implement and configure security controls and policies across the IT infrastructure to manage access to data and monitor threats to ensure that data, apps, containers, and networks are protected.
• Maintain native tools like Microsoft Defender for Identity, Microsoft Defender for Cloud, Microsoft Defender for IoT, Defender for O365 and Microsoft Sentinel.
• Facilitate the secure migrations of on-prem applications to the Azure cloud.
• Implementing threat protection and responding to security incident escalations.
• Automate security controls, data, and processes to provide better metrics and operational support.
• Manage operations within a cloud solution environment such as operations tasks, using cloud native tools, like Log Analytics, Azure Monitor and Microsoft Sentinel.
• Support cloud engineers to implement security best-practices and enable secure development and release processes.
• Ensure compliance
• Deliver/update task documentation, briefings, SOPs and post on CsIA wiki.
• Facilitate collaboration between security administrators and development engineers to enhance communication and build effective division-wide processes.
• Identify areas of weakness and work with stakeholders to mitigate risks.