Task and Responsibilities:
Implement and maintain cloud security policies, access controls, and role-based access management on Azure environments.
Identify and address security misconfigurations in cloud infrastructure, ensuring systems are hardened and compliant with company policies.
Respond to cloud security incidents, coordinating with IT and cybersecurity teams to resolve issues and minimize impact.
Collaborate with other cybersecurity teams to ensure adherence to company security regulations and requirements.
Work closely with other Hybrid Cloud teams to ensure services and infrastructures are secure, hardened, and compliant with internal standards.
Design and implement solutions to mitigate risks and enhance cloud security posture, including vulnerability management and threat detection.
Develop and maintain security monitoring, alerting, and response strategies for Azure-based systems (as well as other Cloud Service Providers).
Conduct security assessments and audits for compliance with industry standards and company policies.
Provide guidance and best practices to internal teams for secure cloud development and deployment.
Collaborate with non-technical business teams to implement security changes while minimizing impact on operations.
Knowledge and Technical Abilities:
In-depth knowledge of Azure security tools, services, and best practices, including Azure Defender for Cloud offering, Azure Entra ID, Key Vault, and Azure Policy.
Experience with role-based access control (RBAC) and implementation of least-privilege models in cloud environments.
Strong understanding of network security concepts (firewalls, VPNs, encryption protocols) and their implementation in a hybrid cloud environment.
Proficiency in identifying and mitigating cloud misconfigurations and vulnerabilities.
Familiarity with security compliance standards such as ISO 27001, NIST, SOC 2, and GDPR.
Knowledge of DevSecOps practices and integration of security controls in CI/CD pipelines.
Strong incident response and forensic analysis skills for cloud environments.
Excellent communication and soft skills to liaise between technical and non-technical stakeholders.
Ability to manage and prioritize tasks in a fast-paced environment.
Educational qualification:
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
A Master's degree is a plus but not required.
Certifications:
Azure Security Engineer (AZ-500) (required)
Certified Information Systems Security Professional (CISSP) (preferred)
Certified Cloud Security Professional (CCSP) (preferred)
Microsoft Certified: Azure Solutions Architect Expert (plus)
Experience:
Minimum of 5 years of experience in cloud security roles, with a focus on Azure.
Proven experience in implementing security policies, access control, and incident response in a cloud environment.
Experience collaborating with cross-functional teams, including non-technical stakeholders, to implement security measures.
#J-18808-Ljbffr