Cloud Security Architect

Location’s:

- Berkeley Heights, NJ (primary)
- Omaha, NE
Marietta, GA
Atlanta, GA
***Onsite 5 days a week***

-

Candidates should be able to answer these questions. If they have difficulty or cannot answer these questions, they will not be strong candidates.

1. Given a scenario, you are required to make sure that your all SQL Database data are protected with encryption at rest and only authorized users can read the data: what will be your approach?

1. Also, how will you make sure that VNet A can access VNet B. What will be your approach ?

2. What will be your approach to safeguard the secrets, keys, and certificates from being accessed from the public network in the cloud?

3. Your company has 3 enterprise application and wants to make sure that users get access by requesting them with the lifecycle of only 8 hours?

4. How will you protect your Azure infrastructure platform E.g., VM access, SQL Database (make sure access ) ?

5. Phishing resistance MFA

1. Company only uses Smartcard to gain access in the platform and make sure you continue to evaluate their access every 2 hours. To avoid session hijack, how will you approach this?

Interview Process:
- 2 rounds of interviews

Are you passionate about securing cloud environments and driving innovation? We’re seeking an experienced Azure Cloud Security Engineer to join our dynamic team. As a key player, you’ll blend hands-on expertise with architectural insights to safeguard our Azure infrastructure. Here’s what awaits you:

1. Design Cutting-Edge Security Solutions: Lead architecture reviews, shaping critical decisions. Dive into IAM (Entra ID/Azure Active Directory), posture management, workload protection, SIEM/SOAR, and application testing. Your expertise will fortify our defenses against emerging threats.

2. Collaborate and Elevate: Be the bridge between security and agility. Collaborate with agile teams, ensuring security requirements are seamlessly woven into development cycles. Your impact will resonate across our hybrid cloud deployments, including FedRAMP High solutions.

3. Must Have experience: Ideally you will have secured an Azure DevOps instance and have implemented personally many if not all aspects of security for your applications and infrastructure. We are running a FedRamp environment and zero trust architecture knowledge is required. You know Azure Defender, Azure Sentinel, Azure Application Gateway.

JOB RESPONSIBILITIES:

1. Design Azure Cloud Security Solutions:
o Lead architecture reviews for decision records.
o Cover IAM (Entra ID/Azure Active Directory), posture management, workload protection, SIEM/SOAR, and application testing.
2. Architectural Runway and Collaboration:
o Create infosec requirements for infrastructure and app development.
o Collaborate with agile teams to meet security needs.
3. Continuous Monitoring and Compliance:
o Monitor cybersecurity policies, compliance artifacts, and systems authorization.
o Map security controls to compliance requirements.
4. Zero-Trust Implementation:
o Integrate Azure Zero-Trust Architecture into cloud solution design.
5. Risk Mitigation and Vulnerability Remediation:
o Coordinate risk reduction efforts for applications and infrastructure.
6. Hybrid Cloud Deployment:
o Deploy FedRAMP High hybrid cloud solutions, integrating on-premises components.
7. Threat Assessment and Incident Response:
o Assess vulnerabilities and provide incident support.

REQUIRED SKILLS:
1. Azure Expertise:
o Microsoft Azure Cloud experience (GovCloud preferred).
o Familiarity with Azure security tools/platforms (e.g., Azure AD, Sentinel, Defender, Monitor, Key Vault).
2. Education and Experience:
o Bachelor’s degree in a technology field (Master’s degree preferred).
o 5 years of cyber-related experience in a commercial environment with Azure, focusing on technical information security and risk management.
3. Security Proficiency:
o Identity Access and Management concepts (including multifactor authentication and SSO/Federation).
o Privileged Access Management.
o Vulnerability testing for Azure systems.
o Understanding of CI/CD pipelines and software scanning.
4. Cloud Security Domains:
o Demonstrated expertise in Information Security and Risk Management across Windows and Linux.
o Familiarity with key domains:
§ Identity, Credential, and Access Management (ICAM).
§ Authentication and Authorization (including SSO and Identity Federation).
§ Zero-Trust Model.
§ Defense-In-Depth.
§ Governance and Compliance.
§ Data Security.
§ Operating System Security.
§ Network Layer Protection.
§ Continuous Diagnostics and Mitigation, Alerting, Audit Trail, and Incident Response.
§ Cloud Core Platform (Compute, Storage, Networking).

GOOD TO HAVE:

• INFOSEC Certifications: CISSP, CCSP, CISM.
• Azure/AWS/Google Training and Certification.
• Microsoft Certifications/Exams (recommended): Sc-100 Cybersecurity Architect, Sc-300 Identity and Access Administration, AZ-500 Azure Security Engineer.
• Crowdstrike Falcon EDR for Azure.
• Managing/maintaining FISM.

Job Type: Contract

Pay: $70.00 - $75.00 per hour

Schedule:

• Monday to Friday

Experience:

• Information security: 1 year (Preferred)
• Network security: 1 year (Preferred)
• Software deployment: 1 year (Preferred)

License/Certification:

• CISSP (Preferred)
• ITIL Certification (Preferred)

Ability to Commute:

• Atlanta, GA (Required)

Ability to Relocate:

• Atlanta, GA: Relocate before starting work (Required)

Work Location: In person