Azure Security Engineer

As an Azure Security Engineer, you will be responsible for proactively uncovering digital vulnerabilities within the Cloud environment and ensuring information assets and technologies are adequately protected.

• Strong understanding of cloud environments and assessing systems within cloud environments focusing on security posture.

• Responsible for Entra ID User management, IAM concepts within Azure Active Directory (AAD), including user and group management, conditional access policies, Enterprise app, SSO, Oauth and Multi-Factor Authentication (MFA)

• Implement Azure Defender EDR policies, Purview DLP, for Azure Iaas/PaaS/SaaS/Microsoft 365, with Sentinel integration, and Security Center and Compliance Center for monitoring and managing security and compliance-related configurations

• Responsible for securing workflows within Microsoft Office 365 applications, including but not limited to Exchange Online, SharePoint Online, OneDrive for Business, Teams, and Power Platform

• Responsible for monitoring SIEM and analyzing potential threat events using Security tools such as Tenable, Crowdstrike ArcticWolf XDR solutions.

• Responsible for Threat Hunting and identifying potential Indicators of Compromise (IOC’s).

• As part of the Cyber Security team, participates in VGLNG’s cybersecurity strategy, security awareness programs, security architecture, and security incident response.

• Maintains, and publishes up-to-date cybersecurity policies, standards, and guidelines.

• Evaluates new cybersecurity threats and IT trends and develops effective security controls.

• Supports effective disaster recovery policies and standards to align with company business continuity management program goals. Ensures business critical services are recovered in the event of disasters or other incidents, and provides support, and in-house consulting in these areas.

• Responds to potential security breaches, coordinates response, and recommend corrective actions.

Requirements:

• Azure Cloud Security Centric Experience required

• Hands on experience with Azure Enterprise-scale reference architecture IaaS/Paas/Saas

• Demonstrate expertise in cloud security and vulnerability management

• In-depth knowledge in Azure & design a secure architecture and Microsoft 365 Applications and Cloud automations

• Experience with technologies Azure Cloud with strong expertise in Azure Security native / 3rd party tools, CSPM, CWPP, CNAPP.

• Experience in conducting Cloud risk assessments and developing risk mitigation strategies within the Azure environment.

• Infrastructure as Code (IaC) experience - scripting and automation via Terraform, ARM, Bicep, AZ CLI/PowerShell, JSON templates .

• Strong knowledge of Identity and Access management principles and tools, such as Azure Entra ID, Azure ADDS, B2C, B2B, SSO, SAML, OAuth

• Experience in creating architecture patterns for public cloud and cloud-native solutions

• Hands on experience with IaC tools like, ARM, terraform, ansible, PowerShell, python, azcli, github.

• 8+ years of experience designing and planning Azure deployments in enterprise environments

• Experience in creating Incident Response plans, Ransomware / DDOS response strategies.

• Certification: AZ500, MS-102, AZ-104