Key skills
AzureCloudCyber SecurityKubernetesVaultIAMEntra IDActive DirectorySSOSingle Sign-OnCI/CDZero Trust
About this role
Role Overview
- Analyze and continuously monitor cybersecurity and privacy policies, processes, compliance artifacts, system authorizations, and control effectiveness in an Azure cloud environment.
- Map existing and proposed security controls and safeguards to compliance requirements for cloud services, including NIST and FedRAMP (Federal Risk and Authorization Management Program).
- Manage the implementation of security and compliance controls, including Microsoft Entra ID (formerly Azure Active Directory) lifecycle management, Microsoft Sentinel, and related Azure security services.
- Conduct architecture reviews and security impact assessments for technology initiatives and software delivery, documenting risk, compensating controls, and residual risk.
- Coordinate application and infrastructure risk mitigation and vulnerability remediation activities with engineering and operations stakeholders.
- Design, implement, and validate security controls to support compliance within a FedRAMP High environment.
- Assess vulnerabilities and attacker tactics, techniques, and procedures (TTP) and provide incident response support to detect, contain, and prevent threats.
Requirements
- 6+ years of cybersecurity experience securing Microsoft Azure in commercial or government environments, including control design, implementation, and operations.
- Experience in managing security policies and initiatives in Azure across identity, network, data protection, and monitoring.
- Experience in implementing Identity and Access Management (IAM) capabilities, including multifactor authentication (MFA), single sign-on (SSO)/federation, Conditional Access, and Privileged Access Management (PAM) using Microsoft Entra ID.
- Experience in configuring and operating Azure security platforms and services such as Microsoft Sentinel, Microsoft Defender for Cloud and related extended detection and response (XDR) capabilities, Azure Policy/Blueprints, and Azure Key Vault.
- Experience in performing network and application vulnerability assessments for cloud workloads and coordinating remediation through measurable closure targets.
- Experience in enabling security in continuous integration/continuous delivery (CI/CD) pipelines, including static/dynamic analysis and software composition analysis with documented quality gates.
- Bachelor’s degree in cybersecurity, computer science, information systems, engineering, or a related field, and related experience and/or military experience.
- Experience with government cloud environments and maintaining FISMA and FedRAMP compliance (e.g., Azure Government/GovCloud) is great to have.
- Certifications such as CISSP, CCSP, or vendor security certifications (e.g., Microsoft Azure Security Engineer Associate), or equivalent knowledge demonstrated through hands-on experience is great to have.
- Experience with Microsoft Defender XDR suite, Microsoft Purview, data loss prevention (DLP), and Kubernetes security is great to have.
- Experience applying Zero Trust patterns and MITRE ATT&CK–aligned threat modeling in Azure is great to have.
Tech Stack
- Azure
- Cloud
- Cyber Security
- Kubernetes
- Vault
Benefits
- Fuel Your Life program to support your physical, financial, social, and emotional well-being.
- Paid holidays and generous time away policies.
- No-cost mental health support through Employee Assistance Programs.
- Living Proof program to recognize your peers’ extra effort with points redeemable for rewards.
- Eight Employee Resource Groups to foster a collaborative culture and expand your network.
- Unparalleled professional growth with training, development, and internal mobility opportunities.
- Medical, dental, vision, life, and disability insurance options available from day one.
- Retirement planning and discounted shares with the Employee Stock Purchase Plan.
- Tuition assistance and reimbursement program.
- Paid parental, caregiver, and military leave.