At least 3+ years of hands-on experience implementing Azure cloud security and hardening, especially in a large or complex environment.
Hands-on experience in applying security to cloud technologies (Managing secrets, Securing CD pipeline, Secure Infrastructure as Code, Container Security) required.
Experience with implementing a cloud-based container vulnerability scanning tool required.
Cloud operations engineering skills to measure platform effectiveness and identify areas for improvement required.
Experience in Configuration Management (experience with Terraform based deployments) required.
Hands-on experience in driving end to end security for cloud product scanning, pen testing required.
Experience with Docker and Kubernetes required.
Experience with PRISMA, Nessus vulnerability scanning, Sysdig , Azure ATP, Windows Defender ATP anti-malware preferred.
Knowledge in IT Audit, IT Security, Information Risk Management, IT Governance or other IT Compliance related work preferred.
Experience with HITRUST, HIPPA, GDPR and CCPA regulation requirements and documenting policies and procedures preferred.
Experience in IT architecture, infrastructure, cloud migration & development, engineering and software architecture design, business analysis, and DevOps preferred.
Knowledge of B2C Okta solution preferred.
Platform monitoring skills and knowledge of DevOps processes and tools (Jenkins, Bitbucket, Sonarqube, Selenium, Cucumber, Terraform, Sysdig) required.
CI/CD management and automation preferred.
Experience with JIRA, scrum and Kanban methodologies to create tickets and run Kanban board required.
Strong communication skills and ability to work with cross-functional teams required.
Basic technical writer/business analyst/security analyst skills to document, design and draft user stories required.
Ability to learn and adopt new tools and technologies required.
Expectations
Orchestrate & Automate cloud security controls
Build, maintain and manage central security policies for Azure cloud infrastructure.
Perform VM upgrades, patching and security scanning
Azure Security Center monitoring to address threats and resolve security vulnerabilities
Address Linux and Windows OS vulnerability scan results
Remediate Container image scan results and alerts
Analyze security data and report on threats and incidents across various platforms and environments.
Centralized Log Management, define security alerts and proactive monitoring using Azure Alert and Monitor
Enable/Implement the HITRUST, HIPPA, GDPR and CCPA regulation requirements/controls
Anti-Malware scanning and monitoring for VMs and provide regular reports
Enable Identity & Access Management using AD, Azure AD and Privilege Identity Management
Monitor system performance and recommend corrective action.
Perform Cloud Security Assessments, Auditing and reporting
Collaborate with product owners, developers, and support staff to ensure continuous and reliable delivery of service