JOB SUMMARY
A Cloud Security Engineer is responsible for ensuring the security of the organization's cloud infrastructure, applications, and data. This role involves designing, implementing, and maintaining security measures to protect cloud environments from cyber threats, unauthorized access, and data breaches.
KEY RESPONSIBILITIES
-
Implement and manage security solutions within Azure environments to protect against threats and vulnerabilities.
-
Develop, implement, enforce, and manage DevSecOps security solutions within the DevOps SDLC, Azure, and virtual/physical end point environments.
-
Monitor and analyze security events using Azure Sentinel to identify potential risks and incidents.
-
Configure and manage Microsoft Defender for Endpoint and Defender for Cloud.
-
Develop and enforce Azure Policies to ensure compliance with regulatory requirements and industry best practices.
-
Manage user identities and access controls using Entra ID, ensuring least privilege access principles are followed.
-
Work Closely with MSSP and MSP regarding Security Standards, enforcement, and Responses
- Utilize Intune for managing mobile devices and enforcing security policies.
-
Collaborate with cross-functional teams to remediate security issues and improve overall security posture.
-
Provide expertise, mentoring, and guidance on security best practices to internal teams and stakeholders.
-
Participate in incident response activities and conduct post-incident analysis to identify areas for improvement.
-
Enforce Customer contractual Security Compliance requirements.
ROLE QUALIFICATIONS
EDUCATION & EXPERIENCE
REQUIRED
-
Bachelor’s degree in computer science, Information Technology, or equivalent experience.
-
At least 2 years of direct experience in the field of Information Security
-
Microsoft Certified Azure Security Engineer (AZ-500) certification.
-
Experience with AWS and Google Cloud Environments.
-
Proficiency in Azure Sentinel for threat detection, investigation, and response.
-
Strong understanding and experience with Microsoft Defender for endpoint protection and threat management.
-
Ability to develop and enforce Azure Policies to maintain compliance and security standards.
-
Understanding and experience with Entra ID for identity and access management.
-
Experience with Intune for mobile device management and application control.
-
Understanding and experience with Security Co-Pilot for security orchestration and automation a plus.
PREFERRED
-
Strong problem-solving skills and attention to detail.
-
Excellent communication and interpersonal skills.
-
Ability to work independently and collaboratively in a fast-paced environment.
-
Adaptability to learn new technologies and methodologies quickly.
-
Commitment to continuous improvement and staying updated on emerging security threats and trends.
KEY COMPETENCIES
-
Results-Oriented: ability to plan, schedule and organize professional schedule to achieve strategic goals within or ahead of established time frames
-
Adaptability to Change: ability to be flexible and supportive, react swiftly to and able to positively and proactively assimilate change in rapid growth environment
-
Interpersonal Communication: ability to choose a communication behavior that is both appropriate and effective for a given situation; the ability to understand and manage your own emotions, as well as recognize and influence the emotions of others
-
Team Orientation and Collaboration: ability to successfully build and maintain collaborative relationships to work effectively together as a team through shared responsibility, respect, and empathy to complete a shared goal for a common good
-
Accountability: ability to act with a clear sense of ownership; takes personal responsibility for decisions, actions, deliverables, and failures; establishes clear responsibilities and processes for monitoring work and measuring results; embraces experimentation, creativity, and positive change
-
Cultural Competence: ability to understand and respect values, attitudes, beliefs, and mores of the member that differ across cultures, and to consider and respond appropriately to these differences in planning, implementing, and evaluating health programs and interventions
WORKING CONDITIONS/EQUIPMENT USE
-
Work is performed indoors in a typical office environment - not substantially exposed to adverse environmental conditions.
-
Must be able to lift up to fifteen (15) pounds
-
Frequent use of office machines to include telephone, computer, and printer