Information Technology Security Specialist

Core Specialty is seeking a Senior Azure Cyber Security Engineer to serve as a hands-on technical leader and subject matter expert within the Cyber Security Engineering function. This is a senior individual contributor role with no direct reports, focused on designing, implementing, and operating security controls across Azure, identity, endpoint, cloud application, and network security domains. This role operates in a fast-paced, high-volume environment with a broad and evolving security landscape. The ideal candidate is comfortable balancing strategic security initiatives with day-to-day operational engineering work, operates with minimal direction, and proactively identifies gaps, proposes solutions, and executes with a strong sense of ownership.

The selected candidate will be required to work a hybrid schedule (3 days in office/2 remote) out of our Dallas, TX, or Cincinnati, OH office. No relocation assistance is being offered with this role.

Key Accountabilities/Deliverables:

Cloud Security Engineering & Program Maturation

• Serve as a senior technical contributor driving the maturation of Core Specialty’s Azure security posture
• Identify gaps in cloud security controls, define remediation approaches, and deliver measurable improvements
• Act as a technical escalation point for complex security engineering challenges and incidents
• Partner with IT, GRC, and business stakeholders to align security engineering solutions with risk objectives
• Balance work across multiple concurrent projects and BAU (business-as-usual) security operations

Azure Security & Policy Engineering

• Design, implement, and manage Azure Policy definitions, initiatives, and assignments to enforce security baselines and regulatory requirements
• Engineer and maintain security configurations across Azure services, including Azure Firewall, Network Security Groups (NSGs), Key Vault, and Microsoft Defender for Cloud
• Develop and operationalize monitoring, alerting, and remediation workflows for Azure policy non-compliance

Cloud Application Security

• Define and enforce cloud application security policies using Microsoft Defender for Cloud Apps (MDCA)
• Implement Conditional Access App Control for real-time session enforcement across SaaS applications
• Establish cloud application risk scoring, usage policies, and data exfiltration controls
• Partner with business units to assess and onboard new cloud applications with appropriate security guardrails

Identity & Access Management

• Architect and manage Microsoft Entra ID (Azure AD) security configurations, including: Conditional Access, Privileged Identity Management (PIM), Access reviews and identity governance, Role-based access control (RBAC)
• Govern identity lifecycle and entitlement management across Azure and integrated SaaS platforms
• Support identity security governance in AWS IAM, including federation and cross-cloud identity considerations

Network Security Engineering

• Design and manage Azure-native network security controls, including: Azure Firewall, Azure Front Door, Azure WAF, Azure DDoS Protection, VNets, Private Endpoints, and NSGs
• Support perimeter and segmentation security using Palo Alto Networks firewalls and Panorama
• Manage and support Cloudflare security services (WAF, DDoS, DNS security, ZTNA, Bot Management)
• Collaborate with network engineering teams to ensure designs align with zero trust principles

Endpoint Security & Intune Engineering

• Design, deploy, and manage Microsoft Intune security policies at scale, including: Device compliance and configuration profiles, Endpoint protection and ASR rules, Application Protection Policies (MAM), Windows Autopilot and enrollment controls
• Maintain endpoint security baselines aligned with CIS benchmarks
• Support integration and operational transition to SentinelOne as the primary EDR platform
• Partner with IT operations to safely test and deploy endpoint security changes

Incident Response & Documentation

• Act as a senior technical escalation point during security incidents
• Contribute to incident response playbooks and post-incident reviews
• Produce high-quality technical documentation, including: Security architecture diagrams, SOPs and runbooks, Policy rationale and audit artifacts

Technical Knowledge and Understanding:

• Working knowledge of AWS IAM, federation (SAML/OIDC), and cross-cloud identity concepts
• Strong understanding of cloud architecture, networking fundamentals, and zero trust principles
• Excellent technical documentation and written communication skills
• Ability to operate independently in a fast-moving environment with evolving priorities
• Excellent communication, analytical thinking, and problem-solving abilities.

Certifications (Preferred)

• AZ-500, SC-100, SC-200
• CISSP
• PCNSE
• AWS Security Specialty
• Relevant GIAC certifications

Experience:

Required Qualifications

• 5 years of progressive experience in cybersecurity engineering
• Deep expertise in Microsoft Azure security and the Microsoft security ecosystem
• Hands-on experience with: Azure Policy (JSON), Intune, Entra ID (Conditional Access, PIM, RBAC), Microsoft Defender for Cloud and Defender for Cloud Apps
• Functional experience with network security platforms, including Palo Alto Networks and Cloudflare
• Strong background with Azure components

Preferred Qualifications

• Experience in insurance, financial services, or other regulated industries
• Familiarity with NAIC Model Laws, SOX, and insurance regulatory requirements
• Experience with NIST CSF, CIS Controls, or ISO 27001
• Infrastructure-as-Code experience (Terraform, Bicep, ARM)
• PowerShell and/or KQL for automation and investigation
• Experience with Microsoft Purview, DLP, or information protection
• Familiarity with CI/CD and DevSecOps practices
• Cloudflare Zero Trust experience

Applicants must be authorized to work for any employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa for this position.