ENTERPRISE ARCHITECT (Azure Security Architect
Role details
Job location
Tech stack
Job description
The successful candidate is responsible for implementing technology initiatives to secure our key government client's cloud environment. The selected candidate will be accountable for assisting in strategic planning and architecture and securing enterprise information by identifying network and application security requirements, implementing and testing security controls and procedures.
Requirements
Experience Required: (Microsoft Azure Cloud experience preferred; Gov-Cloud experience preferred)
Education: Bachelor's degree in a technology field; master's degree preferred.
5+ years' cyber-related experience in a commercial environment with Azure, in a technical information security and risk management role.
5+ years managing security policies and initiatives in Azure.
Identity Access and Management concepts, multifactor authentication, SSO/Federation.
Privileged Access Management key concepts.
Ability to set up and configure Azure security platforms and function as an overall lead managing end-to-end security across Azure cloud regions.
Network and application vulnerability testing as it relates to Azure systems.
Security concepts and tools related to CI/CD pipelines and software scanning.
Able to demonstrate understanding of Information Security and Risk Management capabilities related to cloud computing across Windows and Linux, with demonstrated direct experience in the following domains:
Identity, Credential and Access Management (ICAM)
Authentication and Authorization, including SSO and Identity Federation
Zero Trust Model
Defense-in-Depth
Governance and Compliance
Securing Data
Securing the Operating System
Protecting the Network Layer
Continuous Diagnostics and Mitigation, Alerting, Audit Trail, and Incident Response
Cloud Core Platform: Compute, Storage, Networking
Other experience desired:
- Government environments and Gov-Cloud experience.
- Certifications: CISSP, CCSP, Azure/AWS/Google security-specific training and certification.
- CrowdStrike Falcon EDR for Azure.
- Managing and maintaining FISMA and FedRAMP compliance for a government information system.
- Demonstrated experience collaborating directly with external clients, business leadership, and auditors.
- 5+ years firsthand experience working with various Azure security tools/platforms such as:
- Extended Detection and Response (XDR): Microsoft Defender for Cloud Apps, Microsoft Defender for Endpoint, Microsoft Defender for Office 365, Microsoft Defender for Identity
- Data Protection: Microsoft Purview, Microsoft Information Protection, DLP, OneTrust, Kubernetes
- Identity and Access Management (IAM): Zero Trust, Azure IAM and AWS IAM, Entra ID (Azure AD), Multitenant Organization (MTO), Lighthouse, Key Vault, Conditional Access
- Monitoring and Compliance: Microsoft Sentinel, Microsoft Defender for Cloud (MDC)
- Entra ID (formerly Azure AD), M365