Azure Cloud Security Engineer (Madrid - Hybrid)
Job description
The company: Our customer is a technology-based startup with solid funding that is in the midst of expansion.
They will hire the selected candidate as an internal and permanent employee, based in Madrid, but providing services to their global organization.
Description of the position: We're looking for an Azure Cloud Security Engineer for its global operations in Madrid.
He/She will be instrumental in safeguarding our cloud infrastructure.
You will lead the design, implementation, and continuous improvement of monitoring and alerting systems across Azure and Microsoft 365 environments, ensuring proactive detection and response to security threats.
Key Responsibilities and tasks:
Security Monitoring & Incident Response: Deploy and manage monitoring tools such as Microsoft Defender for Cloud, Azure Monitor, and Sentinel to detect anomalies across endpoints, identities, and cloud workloads.
Configure alerting for critical events including failed logins, unusual access patterns, and malicious email activity in M365.
Collaborate with the IT and Product teams to define alert thresholds and escalation paths.
Logging & Visibility: Implement logging pipelines for endpoints, M365 services and Azure infrastructure.
Ensure audit logs are activated and retained in accordance with the company's compliance standards.
Governance & Compliance: Support the rollout of MFA and SSO across all key applications, contributing to access control improvements.
Participate in security risk assessments and maintain documentation for exceptions and mitigation plans.
Operational Integration: Work closely with the DevSecOps and Platform Engineering teams to align monitoring with the evolving cloud operating model.
Contribute to the definition and implementation of security baselines, RBAC models, and observability strategies.
Requirements
Working Experience: 5+ years of deep expertise in Azure security services (Defender, Sentinel, Azure Monitor, Application Insights, Azure Policy).
Experience in setting up security logging, monitoring and alerting from zero.
Not mandatory but preferred: Experience working in a SOC.
Experience with Palo Alto security products.
Experience with securing Kubernetes, virtual machines and API Manager.
Soft skills: Strong communication skills to interface with stakeholders across Security, IT, and Product teams.
International work experience with international teams.
Education and Training: Bachelor's degree or vocational training qualification in information technology or a related field.
Certifications: Not mandatory but preferred: Microsoft Certified: Azure Security (AZ-500), Azure Security Operations Associate (SC-200).
Languages: Spanish: Very good Business Spanish required (excellent communication skills).
B2/C1 level.
English: Very good Business English required (excellent communication skills).