Link Technologies

Microsoft Azure Security Assessment Consultant

Link Technologies, Denver, Colorado, United States, 80285

Job Description

Link Technologies (LinkTechConsulting.com), a Las Vegas-based IT consulting firm, is currently seeking a Microsoft Azure Security Assessment Consultant to join our team in Denver, CO.

JOB SUMMARY

This role will work with the business technologies information security team to conduct a comprehensive security assessment of our Microsoft Azure environment, identify security gaps, and provide actionable recommendations to enhance overall security posture, governance, and compliance.

REQUIREMENTS

Five (5) years of hands-on Azure experience, whether in administration, engineering, architecture, or security, is strongly preferred.

RESPONSIBILITIES

Evaluate Architecture:

Review the Azure cloud architecture to identify potential security design flaws. Assess alignment with Microsoft's Cloud Adoption Framework, NIST CSF, and Zero Trust principles.

Recommend Azure Security Policies:

Recommend security baselines and Azure Policy definitions for security hardening. Identify and suggest policy initiatives (built-in and custom).

Design CrowdStrike Cloud Sensors and Connectors:

Assist with architecture and deployment planning for CrowdStrike sensors or connectors to enable real-time visibility and protection of cloud workloads, containers, and other Azure systems.

Validate the Azure and Defender Ecosystem:

Ensure CrowdStrike integrates effectively with Azure native tools such as Microsoft Defender for Cloud and Sentinel for event correlation, alerting, and incident response.

Policy and Configuration Review:

Review and recommend CrowdStrike policies to align with cloud security best practices (e.g., runtime protection, vulnerability detection, identity protection).

Enable Continuous Monitoring and Alerts:

Recommend dashboards and alert thresholds, and define escalation paths for cloud-specific threat detections within the CrowdStrike console.

Knowledge Transfer and Documentation:

Provide documentation and a walkthrough on how to monitor, maintain, and respond to alerts generated by CrowdStrike within the Azure environment.

Review Firewall Rules and NSGs

Analyze Firewall and Network Security Group (NSG) configurations. Identify overly permissive rules or potential misconfigurations. Recommend remediation and segmentation improvements.

Role-Based Access Control (RBAC)

Evaluate existing RBAC assignments for "least privilege" adherence. Identify use of overly broad role assignments. Recommend custom roles where applicable.

Privileged Identity Management (PIM)

Review implementation of Azure AD PIM. Validate configuration of just-in-time (JIT) access and approval workflows. Ensure administrative access is limited and monitored.

Review Remote Access Methods:

Assess all methods used to access Azure and connected resources remotely (e.g., VPN, Bastion, Just-in-Time VM access, remote desktop protocols, Azure Arc). Confirm that remote access events are being logged, retained, and monitored within Sentinel or other SIEM tools. Validate alerting for unusual access behavior.

Microsoft Defender for Cloud

Review Defender for Cloud configuration and coverage. Validate security recommendations and assess secure score posture. Ensure threat protection capabilities are appropriately enabled.

Network Security

Analyze Virtual Network (VNet) configurations and peering. Review ExpressRoute, VPN Gateways, and perimeter controls. Assess segmentation and network-level threat protection.

Key Vault and Secrets Management

Assess Azure Key Vault access policies, RBAC integration, and use of managed identities. Review expiration, rotation policies, and audit logging.

Vulnerability Management

Evaluate available vulnerability scanning tools and make recommendations on the future state. Review patch management practices and reporting.

Resource Configuration Drift

Analyze tools or scripts in place to detect drift from desired configurations. Recommend remediation and alerting mechanisms.

Backups and Site Recovery

Review backup policies and configurations. Evaluate replication and disaster recovery strategies for critical workloads.

Log Collection and Alerting

Review diagnostic log collection configurations. Validate log retention policies and storage accounts. Review alert rules and action groups for completeness and relevance.

Azure Sentinel Integration

Assess Azure Sentinel deployment and data connector coverage. Review workbook, analytic rule, and incident configurations. Validate SOAR (automation) playbooks and alert tuning.

SQL and Azure Database Security

Verify that transparent data encryption (TDE), threat detection, auditing, and firewall settings are properly configured for all SQL and PaaS database resources. Evaluate access control and use of Private Endpoints.

CI/CD Pipeline Security

Review Azure DevOps or GitHub-based CI/CD pipelines. Assess identity use, secrets management, and security scanning in pipelines. Recommend improvements for code-to-cloud traceability and shift-left security.

Pay rate:

$80-$95/hour

Link Technologies is an equal opportunity employer. All qualified applicants will receive consideration for employment without discrimination based on race, color, religion, sex, gender identity/expression, sexual orientation, national origin, protected veteran status, disability, or any other factors protected by law.