Job Title / Role:Senior AzureSecurity Engineer / Architect
Total Experience: 12+ Years
Seasoned cloud security expert with in-depth knowledge on comprehensive security design, implementation and management across all cloud resources and services.
Key Responsibilities -
Design and implement extensive Cloud Security related activities that include, but not limited to:
Technical Qualification/ Knowledge:
- End to End cloud security design and implementation for a 100% cloud (Azure) environment in a highly sensitive financial data processing environment
- Architecture and design of security controls, product best fit analysis to ensure end to end security covering different approaches for layered security, zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations, Threat intelligence, Threat exposure & Incident management aspects for the cloud deployments
- In-depth experience on Infrastructure Security design and deployments using combination of 3rd-party and cloud native security services (Azure AD, Azure Security Center, Azure VNets, VNet-peering, NSG, Azure DDoS, Load Balancers, WAF, Storage security, Azure API management, is a must.
- Experience around Application risk profiling, Application security assessment for cloud native development and deployments
- Hands-on experience in the technical deployment, configuration, integration, support, and administration of security technologies (e.g. Firewalls, IPS, DDoS, SIEM, WAF, Endpoint etc.) for Azure cloud environment.
- Experience around creating and audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements
- Define and enforce polices and guardrails for extensive security controls across environments, educating broad user base for effective distributed security responsibilities and best practices.
- Well-versed with agile application development principles leveraging modern DevOps principles, embedding strong security throughout CI/CD process (Azure DevOps).
- Strong knowledge of security controls automation for effective DevSecOps implementation, monitoring, reporting and operational support.
- Must be well-versed with selection and deployments of best of breed security technologies from cloud-native and Azure Marketplace offerings.
- Azure security monitoring, configuring, managing with combination of security tools and policies
- Configure rules for real-time alerting in SIEM tool for events
- Lead continuous compliance process for SOC-II and other obligatory customer security requirements and reporting
- Perform ongoing security enhancements, testing and validation to ensure robust and functional security across all environments.
- Lead security events identification, qualification, incident response and investigation process
- Evaluate and approve requests for identity and access controls, addition or removal of permissions/roles for accounts for users, groups, resources and applications
- Conduct security reviews periodically
- Review and analyze audit records weekly for identified unusual activity and provide evidence of review and/or findings
- Participate in functional incident response testing annually
- Assist in remediation of all vulnerabilities and security assessment findings
Additional Qualifications and Experience:
- Hands-on knowledge on Azure security technologies and associated components and variations
- Azure Security Center, Azure Monitor, Log Analytics, Sentinel, QRadar
- Azure Networking: VNET, Network Security Group (NSG), VNet peering, Azure Firewall
- Azure Storage Security: storage accounts, managed disks, blobs, encryption at rest and in-transit, Azure KeyVault,
- Azure Active Directory, RBAC, MFA, SAML, Conditional Access
- Azure Load Balancers, WAF, Application Gateway, Availability Sets/Scale Sets
- Knowledgeable about Windows Operating System, Server hardening, Group Policies, event and log management
- Experience with multiple security tools and technologies including Next-Gen Firewalls (Palo Alto), McAfee ePO, DLP, CrowdStrike, ZScaler, Vulnerability Assessment (Tenable.io)
- Ability to lead troubleshooting of cloud security issues, detect and confirm anomalies, identify risks, perform root cause analysis
- Solid understanding and Experience in cloud computing based services architecture, technical design and implementations including IaaS, PaaS, and SaaS.
- Design of clients Cloud environments with a focus on mainly on Azure and demonstrate Technical Cloud Architectural knowledge.
- Delivery of customer cloud strategies, aligned with customers business objectives, with a focus on cloud-native development, with built-in resiliency, security and DR strategies
- Nurture cloud security expertise within technical and leadership teams to drive secure Cloud Adoption and expansion.
- Ensure all cloud solutions follow security and compliance controls, including data sovereignty.
- Deliver cloud platform architecture documents detailing the vision for how Azure infrastructure and platform services support the overall security architecture, interaction with application, database and testing teams for providing a holistic view to the customer.
- Collaborate with application architects and DevOps to modernize infrastructure as a service (IaaS) applications to Platform as a Service (PaaS)
- Create solutions that support a DevSecOps approach for delivery and operations of services
- Automation skills to introduce and embed Security-as-Code principles leveraging Azure native and other scripting tools for rapid and secured cloud deployments
- Communicate new ideas or suggestions for analysis/process improvement.
- Continuously mentor and groom junior cloud security engineers and associates for consistent security design and implementations across workloads.
- Microsoft Azure Security related certifications are strongly recommended
- Information Security and Architecture related certifications are strongly recommended
- Strong understanding of security incident response processes
- Experience with Financial industry regulation and compliance preferred
- Punctual and capable of managing assigned deadlines
- Detail oriented and presents ideas clearly and concise
- Ability to troubleshoot cloud issues, perform root cause analysis
- Create, maintain, improve SOPs, runbooks and other related security documentation
- Provide L3 support for critical incident response and escalations
If interested please share your resume at [HIDDEN TEXT] or call me on 8688005050
- Strong communication skill and capability to work under the direction of Senior Azure Cloud Engineers, Architects
- Strong documentation skill
- Customer focused
- Timely and accurate communication
- Need to demonstrate ownership for technical issues and engage right stakeholders for timely resolution
- Willing to work in different time zones as per project requirement
- Good attitude to work in team and as individual contributor based on the project and situation
- Focused, result oriented and self-motivated