Role Description
Use NSG flow logs and Azure Migrate logs to analyze network flows for Azure East/West communications
Flag and itemize flows not matching default security-approved policies for review and validation by application/asset owners
Coordinate with application/asset owners to request security approval for new NSG rules
Ensure all legacy subscription subnets follow the process until no hits are observed on the "any/any” rules
Lock down subnets with a "deny-any” rule for KRI-79 compliance, blocking unauthorized east/west Azure traffic
Conduct further network analysis for North/South traffic ingress/egress from Azure Internet Edge, ensuring all traffic traverses a GCZ
Expertise in using NSG flow logs and Azure Migrate logs for network flow analysis
Experience in managing Azure East/West communications and compliance with security policies