Azure Cloud Security Engineer

About the position

As a cloud security engineer, you know how to assess and implement requirements that ensure the safety of information systems and protect them against intentional or inadvertent access or destruction. You will guide the development and implementation of cloud-based security architectures for some of the customer's most critical systems. You will be responsible for securing the customer's hybrid cloud environment, helping protect their data, applications, and services. You will play a key role in the design, implementation, and continuous improvement of cloud security controls, policies, and procedures that align with the customer's organizational strategy and compliance requirements. You'll recommend tools and capabilities based on your research of the current environment and knowledge of various on-premise, cloud-based, and hybrid resources to address the risk management framework (RMF). Your technical expertise will be vital as you work with DevOps, Security Engineering, Networking, and other teams to ensure standards are met with information assurance and security requirements. This is an opportunity to use the latest cloud technologies as you look for ways to secure your customers' environment. You'll continue to strengthen your skills in automation, cloud-based security, RMF, STIGS, and Zero Trust while mentoring tomorrow's cloud security experts.

Responsibilities

• Secure the customer's hybrid cloud environment.
• Protect data, applications, and services.
• Design, implement, and continuously improve cloud security controls, policies, and procedures.
• Recommend tools and capabilities based on research of the current environment.
• Work with DevOps, Security Engineering, Networking, and other teams to ensure compliance with security standards.

Requirements

• 5+ years of experience with the government, public, or private industry.
• 2+ years of experience with implementing API security policies and access controls using OAuth 2.0, SAML, Federation, and SSO.
• Experience with planning, building, deploying, and monitoring secure cloud infrastructure, applications, and services in Azure.
• Experience with using cloud infrastructure as code (IaC), including Terraform, Bicep, or Azure Resource Manager.
• Experience with scripting languages to automate tasks, such as Bash or PowerShell.
• Experience with supporting cloud identity access management policies or cloud monitoring services.
• Knowledge of security guidance, controls, and frameworks, including NIST RMF and SP 800-53, DoD STIGs, or CIS benchmarks.
• Knowledge of Agile methodologies.
• Ability to obtain and maintain a Public Trust or Suitability/Fitness determination based on client requirements.
• Bachelor's degree.

Nice-to-haves

• Experience with networking in cloud environments.
• Experience with using static or dynamic code analysis tools and techniques to ensure cloud IaC is secure.
• Experience with microservice technologies, including Docker or Kubernetes.
• Experience with deploying secure infrastructure, applications, and services with cloud native or neutral CI/CD solutions.
• Experience with scripting languages to perform advanced infrastructure security monitoring using Python.
• Experience with performing GitOps.
• Experience with AWS.
• Master's degree.
• AWS, Azure, or GCP Certification.
• Security+, CRISC, CISSP, or similar Certification.

Benefits

• Health, life, disability, financial, and retirement benefits.
• Paid leave.
• Professional development.
• Tuition assistance.
• Work-life programs.
• Dependent care.
• Recognition awards program for exceptional performance.