Key skills
Azure cloud securityMicrosoft Entra IDMicrosoft Defender for CloudIdentityAccess Management (IAM)Role-Based Access Control (RBAC)Privileged access controlsSecuritycompliance frameworksHIPAA complianceAuthorization to Operate (ATO) processesCloud security monitoringLoggingIncident detectionAzure PolicyGovernance guardrailsKey managementSecrets handlingAzure Key VaultSecure network architectureHybrid/on-premises integrationInfrastructure-as-Code (IaC)Secure CI/CD pipeline practicesSecurity architecture documentationSecurity standards documentationOperational runbooksAzureVaultIAMEntra IDIdentity ManagementCI/CDCollaborationCloud Security
About this role
Nava is a consultancy and public benefit corporation dedicated to improving government services. They are seeking a Senior Security Engineer to design and implement secure Azure cloud environments for government modernization, focusing on security foundations like identity management and compliance enforcement.
Responsibilities:
- Design and implement identity and access management (IAM) models, including RBAC and privileged access controls
- Configure and advise on security tools such as Microsoft Defender for Cloud
- Define and enforce security policies and governance guardrails using Azure Policy
- Set up and guide centralized logging, monitoring, and threat detection capabilities
- Design key management and secrets handling solutions (e.g., Azure Key Vault)
- Support compliance efforts, including HIPAA alignment and ATO preparation activities
- Collaborate with teams to identify security risks and define remediation approaches
- Contribute to secure cloud architecture decisions, including networking and access patterns
- Support Infrastructure-as-Code (IaC) and CI/CD practices to ensure secure deployments
- Create security documentation, runbooks, and provide guidance to enable client teams to operate securely
Requirements:
- Experience with Azure cloud security, including Microsoft Entra ID and Defender for Cloud
- Strong knowledge of Identity and Access Management (IAM), including RBAC and privileged access controls
- Familiarity with security and compliance frameworks (e.g., HIPAA, state security standards, ATO processes)
- Experience implementing cloud security monitoring, logging, and incident detection
- Knowledge of Azure Policy and governance guardrails for enforcing security standards
- Experience with key management and secrets handling (e.g., Azure Key Vault)
- Understanding of secure network architecture and connectivity (including hybrid/on-prem integrations)
- Experience supporting Infrastructure-as-Code (IaC) and secure CI/CD pipeline practices
- Ability to define and document security architecture, standards, and operational runbooks
- Strong collaboration skills to work with engineers, architects, and stakeholders on security design and remediation