Equiliem
We are seeking a Cloud Security Engineer with a strong focus on Azure networking and Kubernetes to develop standards/policies, design and implement controls, and support operationalization of security measures across our estate. The role requires a self‑starter who can work independently, produce clear documentation, and contribute to our broader cybersecurity initiatives. Azure Kubernetes Service (AKS) experience is preferred.
Responsibilities
Develop Security Baselines:
Create and maintain security baselines for container clusters, including network configurations, identity management, and workload isolation.
Azure Networking Security:
Design and enforce secure networking architectures in Azure, including Virtual Networks, Network Security Groups (NSGs), Azure Firewall, Private Endpoints, and service mesh integrations.
Kubernetes Hardening:
Implement CIS benchmarks and other security controls for AKS clusters, including RBAC, pod security policies, and container image scanning.
Threat Modeling & Risk Assessment:
Conduct security reviews and threat modeling for AKS deployments and associated Azure services.
Automation & Infrastructure as Code:
Use tools like Terraform, Bicep, or Azure Resource Manager (ARM) templates to automate secure deployments.
Monitoring & Compliance:
Integrate AKS environments with Azure Security Center, Defender for Containers, and other monitoring tools to ensure continuous compliance.
Collaboration:
Work closely with cloud architects, DevOps teams, and application owners to embed security into the design and deployment lifecycle.
Qualifications
Strong knowledge of Azure networking (VNets, NSGs, Azure Firewall, Private Link, ExpressRoute).
Hands‑on experience with Azure Kubernetes Service (AKS) and Kubernetes security best practices.
Familiarity with Azure Policy, Defender for Cloud, and Microsoft Entra ID (formerly Azure AD).
Security Frameworks:
Understanding of CIS benchmarks, NIST, and Zero Trust principles.
Automation Skills:
Proficiency in Terraform, Bicep, or ARM templates for secure infrastructure deployment.
Scripting:
Experience with PowerShell or Python for automation and security tasks.
Work Style:
Able to work independently with minimal oversight; strong ownership and follow‑through.
Preferred Skills
Certifications such as Microsoft Certified: Azure Security Engineer Associate, Certified Kubernetes Security Specialist (CKS), or CISSP.
Experience with container security tools (e.g., Aqua, Prisma, Trivy).
Knowledge of DevSecOps practices and CI/CD pipeline integration.
Seniority level:
Associate
Employment type:
Contract
Industry:
Investment Banking
#J-18808-Ljbffr
Responsibilities
Develop Security Baselines:
Create and maintain security baselines for container clusters, including network configurations, identity management, and workload isolation.
Azure Networking Security:
Design and enforce secure networking architectures in Azure, including Virtual Networks, Network Security Groups (NSGs), Azure Firewall, Private Endpoints, and service mesh integrations.
Kubernetes Hardening:
Implement CIS benchmarks and other security controls for AKS clusters, including RBAC, pod security policies, and container image scanning.
Threat Modeling & Risk Assessment:
Conduct security reviews and threat modeling for AKS deployments and associated Azure services.
Automation & Infrastructure as Code:
Use tools like Terraform, Bicep, or Azure Resource Manager (ARM) templates to automate secure deployments.
Monitoring & Compliance:
Integrate AKS environments with Azure Security Center, Defender for Containers, and other monitoring tools to ensure continuous compliance.
Collaboration:
Work closely with cloud architects, DevOps teams, and application owners to embed security into the design and deployment lifecycle.
Qualifications
Strong knowledge of Azure networking (VNets, NSGs, Azure Firewall, Private Link, ExpressRoute).
Hands‑on experience with Azure Kubernetes Service (AKS) and Kubernetes security best practices.
Familiarity with Azure Policy, Defender for Cloud, and Microsoft Entra ID (formerly Azure AD).
Security Frameworks:
Understanding of CIS benchmarks, NIST, and Zero Trust principles.
Automation Skills:
Proficiency in Terraform, Bicep, or ARM templates for secure infrastructure deployment.
Scripting:
Experience with PowerShell or Python for automation and security tasks.
Work Style:
Able to work independently with minimal oversight; strong ownership and follow‑through.
Preferred Skills
Certifications such as Microsoft Certified: Azure Security Engineer Associate, Certified Kubernetes Security Specialist (CKS), or CISSP.
Experience with container security tools (e.g., Aqua, Prisma, Trivy).
Knowledge of DevSecOps practices and CI/CD pipeline integration.
Seniority level:
Associate
Employment type:
Contract
Industry:
Investment Banking
#J-18808-Ljbffr