About the job
Primary Responsibilities:
Developing, testing, and deploying Azure Security Controls across the firm’s Azure tenants
Providing security recommendations and solutions for migrating and new applications in the Client environment to Azure
Working closely with vendors and partner squads to develop, deploy, and test Cloud security services
Responding to Azure Cloud security drifts in timely manner and working with the stakeholders to remediate the drifts
Integrating, configuring, documenting, and deploying compliant infrastructure and supporting services in the Cloud platform
Troubleshooting problems, analyzing root cause, and (where possible) fixing bugs introduced by owned or managed security solutions
Collaborating with Risk Management, Security Architecture, and Cyber Incident Response teams to ensure necessary controls to Cloud services are deployed and tested
Provide training and review sessions to the teams regarding solutions implemented
Working in a globally distributed team to provide innovative and robust Cloud-centric solutions
Required Skills:
Knowledge of the Shared Responsibility Model; keen understanding of the security risks inherent in hosting cloud-based applications and data
Experience developing across the security assurance lifecycle (including prevent, detect, respond, and remediate controls)
Experience configuring Azure native security tooling and capabilities such as Azure Policy, Azure Monitor, etc
Experience solutioning and configuring event-driven serverless-based security controls in Azure, including but not limited to technologies such as Azure Function, Automation Runbook, Logic App
Deep understanding of DevOps processes and workflows
Working knowledge of the Secure SDLC process
Experience with Infrastructure as Code (IaC) tooling such as Terraform and ARM templates
Familiarity with standard Azure security tooling such as Microsoft Defender Suite, Sentinel
Familiarity with Logging and data pipeline concepts and architectures in cloud
Strong in scripting languages such as PowerShell, Python and Bash
Experience creating technical architecture documentation
Excellent communication, written and interpersonal skills
Practical experience in designing and configuring CICD pipelines
Practical experience in Azure DevOps, GitHub Action, and Jenkins
Experience in ITSM
Ability to articulate complex technical concepts to non-technical stakeholders
Experience writing queries and analytics in Kusto Query Language (KQL)
Experience with risk control frameworks and engagements with risk and regulatory functions
Experience in the financial industry would be a plus
Azure Certifications would be a plus
Any graduate