Microsoft Azure Cloud Security Engineer

Responsibilities

• Partner with the Cybersecurity Architect and other cybersecurity teams to design and implement cloud data security policies, standards, and procedures for Microsoft Azure, Microsoft Information Protection, Microsoft Identity Access Management, and Data Protection.
• Perform security assessments and audits of our data and remediate any vulnerabilities or issues.
• Partner with cloud platform teams (Azure, AWS, OCI, GCP) to design and implement security controls.
• Monitor and respond to data security incidents and events and conduct root cause analysis and remediation.
• Establish and document repeatable processes that ensure proper use of encryption, key management, data masking, and data labeling technologies in the cloud.
• Develop and maintain security documentation, such as risk assessments, security plans, incident reports, and security awareness materials related to Data Protection.
• Ensure compliance with data protection legislation and standards.
• Research and evaluate new cloud data security technologies and trends and provide recommendations for improvement.
• Collaborate with stakeholders to implement and tune cloud data security monitoring, tools, and reporting for data protection policies.
• Collaborate with other engineers and developers to ensure data security is integrated into the cloud development lifecycle and DevOps processes.
• Design and enforce policies for data access, retention, and deletion.
• Provide security training and guidance to cloud users and stakeholders for data protection.

Qualifications

• Bachelor's degree in computer science, information security, or related field, or equivalent work experience.
• At least 3 years of experience in cloud security, preferably in Microsoft Azure.
• Deep understanding of Azure data protection mechanisms and encryption methods.
• Strong knowledge of cloud security concepts, principles, and best practices, such as identity and access management, encryption, logging, monitoring, firewall, network security, etc.
• Proficiency in data protection strategies for cloud storage, databases, and applications.
• Experience with Microsoft Azure security services and tools, such as Azure Security Center, Azure Sentinel, Azure Key Vault, Azure Active Directory, and Azure CloudTrail for data protection.
• Familiarity with Azure data privacy and residency controls.
• Ability to perform risk assessments and data protection audits.
• Knowledge of Azure-specific data protection tools and services.
• Experience with Microsoft Information Protection, Microsoft Identity Access Management (IAM), and Data Protection solutions.
• Experience with security frameworks and standards, such as NIST, ISO, CIS, etc.
• Experience with security testing tools and methodologies, such as vulnerability scanning, penetration testing, etc.
• Experience with security information and event management (SIEM) systems, including creating and refining searches for alerting purposes.
• Experience with scripting languages, such as PowerShell, Python, etc.
• Knowledge of infrastructure as code.
• Experience with DevOps tools and processes, such as Azure DevOps, Git, CI/CD, etc.
• Experience with data lakes.
• Excellent communication, analytical, and problem-solving skills.
• Certifications in cloud security, such as Azure Security Engineer Associate, Azure Security Technologies, etc., are preferred.