1872 Consulting
Azure Security Engineer – Azure Focus
1872 Consulting, Chicago, Illinois, United States, 60290
Azure Security Engineer – Azure Focus
Chicago, IL – hybrid WFH: 3 days onsite in the loop, 2 days work from home
Overview
The Azure Security Engineer reports to the Security Operations Manager, and is primarily responsible for designing, implementing, and supporting security initiatives within our robust Azure ecosystem – with a big focus on DevSecOps, IAM, Monitoring and Encryption. This role also will drive incident response activities related to Azure, ensuring timely detection, containment, and remediation of potential threats. Last, this person will partner with our GRC team for audits, and other GRC initiatives that include cloud security. While we are an Azure-only environment currently, we are evaluating a multi-cloud setup, so any experience with AWS or GCP is also a nice to have. What you'll be doing
Design, configure, and maintain secure Microsoft Azure environments aligned with industry best practices and Firm policies. Drive DevSecOps best practices within an Azure environment
Build and maintain secure DevSecOps pipelines, ensuring that only reviewed, tested, and approved code is promoted to production.
Drive IAM best practices within an Azure environment Implement and manage cloud security controls, including identity and access management, network segmentation, encryption, and security monitoring. Protect sensitive data stored or processed in the cloud through encryption, access controls, and secure key management. Develop, enforce, and maintain secure API management processes, including authentication, authorization, rate limiting, and auditing. Integrate automated security testing and vulnerability scanning into Continuous Integration / Continuous Delivery (CI/CD) workflows. Collaborate with application developers, infrastructure engineers, and security teams to ensure secure design and deployment practices. Create and maintain documentation, standards, and procedures for cloud security configurations, incident handling, and code promotion processes. Monitor and respond to security alerts from cloud-native tools and third-party monitoring solutions. Participate in risk assessments, audits, and compliance efforts related to cloud security (e.g., ISO 27001, GDPR, CCPA). Stay current with emerging cloud security threats, vulnerabilities, and evolving best practices, especially within the Microsoft Azure ecosystem. Skills we're seeking
3+ years of experience with Cloud Security Engineering
Must have strong Azure Security Engineering specifically including Azure Security Center, Defender for Cloud, Key Vault, Azure AD, Application Gateway, API Management
Experience designing and managing secure DevSecOps pipelines using Azure DevOps Must have strong IAM experience Must have strong encryption experience Nice to haves (in this order)
Bachelor's Degree or Master's Degree, ideally in Computer Science or an IT/Security related field Cloud/Security certifications (ideally Azure) such as Azure Security Engineer Associate (AZ 500, Microsoft Certified: Azure Solutions Architect Expert, CISSP, CCSP, Security+
Non-cloud security certificaitons such as a CISSP is still great to have
Network security experience Multi-cloud security experience with AWS and/or GCP (with Azure) Experience working in heavily regulated industries Global experience
#J-18808-Ljbffr
The Azure Security Engineer reports to the Security Operations Manager, and is primarily responsible for designing, implementing, and supporting security initiatives within our robust Azure ecosystem – with a big focus on DevSecOps, IAM, Monitoring and Encryption. This role also will drive incident response activities related to Azure, ensuring timely detection, containment, and remediation of potential threats. Last, this person will partner with our GRC team for audits, and other GRC initiatives that include cloud security. While we are an Azure-only environment currently, we are evaluating a multi-cloud setup, so any experience with AWS or GCP is also a nice to have. What you'll be doing
Design, configure, and maintain secure Microsoft Azure environments aligned with industry best practices and Firm policies. Drive DevSecOps best practices within an Azure environment
Build and maintain secure DevSecOps pipelines, ensuring that only reviewed, tested, and approved code is promoted to production.
Drive IAM best practices within an Azure environment Implement and manage cloud security controls, including identity and access management, network segmentation, encryption, and security monitoring. Protect sensitive data stored or processed in the cloud through encryption, access controls, and secure key management. Develop, enforce, and maintain secure API management processes, including authentication, authorization, rate limiting, and auditing. Integrate automated security testing and vulnerability scanning into Continuous Integration / Continuous Delivery (CI/CD) workflows. Collaborate with application developers, infrastructure engineers, and security teams to ensure secure design and deployment practices. Create and maintain documentation, standards, and procedures for cloud security configurations, incident handling, and code promotion processes. Monitor and respond to security alerts from cloud-native tools and third-party monitoring solutions. Participate in risk assessments, audits, and compliance efforts related to cloud security (e.g., ISO 27001, GDPR, CCPA). Stay current with emerging cloud security threats, vulnerabilities, and evolving best practices, especially within the Microsoft Azure ecosystem. Skills we're seeking
3+ years of experience with Cloud Security Engineering
Must have strong Azure Security Engineering specifically including Azure Security Center, Defender for Cloud, Key Vault, Azure AD, Application Gateway, API Management
Experience designing and managing secure DevSecOps pipelines using Azure DevOps Must have strong IAM experience Must have strong encryption experience Nice to haves (in this order)
Bachelor's Degree or Master's Degree, ideally in Computer Science or an IT/Security related field Cloud/Security certifications (ideally Azure) such as Azure Security Engineer Associate (AZ 500, Microsoft Certified: Azure Solutions Architect Expert, CISSP, CCSP, Security+
Non-cloud security certificaitons such as a CISSP is still great to have
Network security experience Multi-cloud security experience with AWS and/or GCP (with Azure) Experience working in heavily regulated industries Global experience
#J-18808-Ljbffr