Cloudignyte is seeking an Azure Security Solutions specialist to plan, execute and continuously improve its cloud security posture. A successful candidate have a deep understanding on Azure services and how to develop and enforce security controls.
The candidate will be hands on in designing and prototyping solutions to enhance the security posture and provide guidance to the engineering team on an on-going basis.
Scope of activities:
- Develop/Deploy/Support Application & Infrastructure security checks and guardrails throughout the lifecycle across IaaS, PaaS, SaaS and container platforms.
- Work as part of an fast paced Security Engineering team.
- Threat modelling and a risk based approach to deploying security controls.
- Design and implement automated technology solutions to assess, monitor, and enforce security requirements in Azure environments
- Administration and management of cloud security tools and third-party Security as a Service solutions
- Ensure end to end effectiveness of cyber security controls
- Proactive monitoring of the security posture to ensure solutions are developed to operate at scale.
- Conduct security assessments and articulate identified security issues/vulnerabilities to technical and non-technical audience
- Identify, research, and validate security alerts and recommendations
- Work closely with the defensive teams to identify gaps, address findings, and improve breach response in the Azure environments
- Provide security consulting services to new projects and improving the posture of existing services.
- Drive the standardisation of design artifacts and provide guidance to the engineering team.
- Participate in all Agile ceremonies to create user stories and to assist in developing Sprints and Releases.
- At least 5 years security experience inc. 2+ years of experience with Azure
- Offensive Security-oriented mindset (threat-modelling, vulnerability assessments, pen testing, etc.)
- Experience with automation tooling
- Experience using Azure DevOps/ VSTS
- Experience with Security Centre, Key Vault, Application Gateway, Network Security Groups, Azure Information Protection, Azure AD
- Experience with architecting complex solutions using native Azure technologies
- Knowledge of Cloud security fundamentals or Cyber threats as they relate to Cloud
- Deep understanding of CI/CD pipelines
- Ability to learn to new concept and technologies quickly
- Microsoft Certification in Az-900, Az-303 and Az-304