Azure Security Engineer

The Azure Security Engineer is responsible for designing, implementing, and securing our customers Azure infrastructure. Azure Security Engineers operate primarily in a remote customer facing role with a focus on integrating cloud security technologies into either an existing or new environment while providing expertise in cloud computing to drive business efficiency and innovation. Azure Security Engineers evaluate existing cloud infrastructure and provide recommendations and or implement improvements to strengthen the cloud security posture of the environment. Azure Security Engineers demonstrate strong working knowledge across Azure Commercial and Azure Gov Cloud tenants, subscription management, landing zones, networking, security, and infrastructure through implementation of Microsoft Azure best practices and infrastructure as code (IaC). Azure Security Engineers work with cloud infrastructure team members as needed to provide secure configurations within the Microsoft Azure infrastructure.

Responsibilities:

Technical Capacity

• Design Azure cloud solutions with a secure-by-design approach

• Collaborate with customer IT teams to implement and secure cloud resources, implement configurations based on security policies, standards, and best practices

• Develop and implement scalable and resilient cloud architecture solutions within Azure Commercial or Azure Gov Cloud environments

• Develop and implement migration strategies for local on premises hosted environments to Azure cloud tenants

• Work with customers to secure Microsoft Entra ID

• Create and implement migration plans for each Azure infrastructure service, system, and/or application that will be deployed to Azure as part of a migration project

• Create architectural and data flow diagrams for Azure environments

• Develop and deploy infrastructure as code (IaC) using tools like Terraform, Azure Resource Manager (ARM) templates, Bicep, and PowerShell

• Ensure systems, applications, and data meet high availability design principles and/or are replicated to meet organizational requirements for disaster and business recovery

• Analyze and ensure that proper monitoring and alerting systems are in place for systems, services, and applications in customer Azure environments

• Evaluate and recommend Azure services based on business requirements and industry best practices

• Collaborate with software developers, system administrators, and other stakeholders to integrate Azure solutions into either new or existing systems and applications

• Ensure seamless interoperability between on-premises and cloud environments

• Implement and enforce security requirements to protect Azure-based systems and data

• Define and maintain Azure Governance policies including Subscription Management, Cost Management, Security, Resource Consistency, Identity Baseline, Deployment Acceleration, etc.

• Ensure compliance of architectural and engineering policies, standards, and procedures

• Stays current with emerging cloud technologies and trends and advise on the adoption of new Azure features and services

• Works closely with development teams to support DevOps practices and implement continuous integration and continuous deployment (CI/CD) pipelines

• Leads technical discussions and presentations for internal teams as well as customers

• Recommends strategies to streamline Azure native technologies for effectiveness and efficiency, considering client needs.

• Consistently produce work product in conformance with GuidePoint Security standards

• Approaches problem solving collectively with senior staff and internal and external clients to achieve a mutually beneficial result

• Participates in the development of the Microsoft Cloud team’s strategic plans, training materials and tools

• Effectively trains and mentors staff on new and emerging Azure specific technologies

• Demonstrate ability to author professional documentation that serve as customer deliverables and internal standard operating procedures and delivery playbooks

• Performs other duties and responsibilities as required

Requirements:

• Minimum 8-10 years of experience building or managing cloud environments in medium to large companies

• Professional certification in Azure, such as Azure Solutions Architect Expert or similar preferred

• Strong understanding of cloud computing technologies, business drivers, and emerging computing trends

• Proficient in Azure services, including but not limited to Entra ID, Azure Virtual Networks / Machines, Azure App Services, Azure Kubernetes Service, Azure Key Vault, Azure Private Link/Private Endpoint

• Must pass either the Cloud Security Alliance Certificate of Cloud Security Knowledge (CCSK) or the (ISC)2 Certified Cloud Security Professional within 6 months of joining the team.

• Experience with cloud security, networking, and disaster recovery best practices

• Strong knowledge of infrastructure as code (IaC) tools such as Azure Resource Manager (ARM) templates or Terraform

• Experience with network security best practices and configurations

• Strong troubleshooting skills and attention to detail

• Strong written and verbal communication skills

• Ability to solve technical, managerial, or operational problems and evaluate options based on relevant information, resources, well-rounded experience, and knowledge

• Demonstrated ability to communicate clearly and concisely, both orally and in writing, and lead presentations, training courses, and effective working sessions