What are the responsibilities and job description for the Azure Cloud Security Engineer position at Jobs via Dice?
Dice is the leading career destination for tech experts at every stage of their careers. Our client, Next Gen IT Inc, is seeking the following. Apply via Dice today!
We are seeking a Cloud Security Engineer with a strong focus on Microsoft Azure to design, implement, and operate security controls across a predominantly Azure-based environment. This role will partner closely with Cloud Engineering, Identity, and Cyber Operations teams to ensure secure-by-design cloud deployments, continuous monitoring, and alignment with enterprise security frameworks.
Key Responsibilities
Azure Security Architecture & Engineering
Design and implement security controls across Azure services including compute, storage, networking, and PaaS offerings
Secure Azure landing zones using best practices aligned to Zero Trust principles
Implement and manage Azure-native security services (Defender for Cloud, Conditional Access, Key Vault, etc.)
Partner with architecture teams to embed security into cloud design patterns and reference architectures
Cloud Security Operations
Monitor and respond to cloud security alerts and incidents across Azure environments
Integrate Azure logs with SIEM/SOAR platforms (e.g., Sentinel, CrowdStrike, etc.)
Support incident response activities related to cloud threats and misconfigurations
Develop automation for detection and response using Azure-native tooling
Identity & Access Security
Implement and enforce strong identity controls leveraging Microsoft Entra ID
Design Conditional Access policies and support passwordless initiatives (WHfB, FIDO2, etc.)
Ensure least privilege access using RBAC, PIM, and Just-in-Time access models
Cloud Posture & Vulnerability Management
Manage cloud security posture using tools such as Defender for Cloud and/or CNAPP platforms
Identify and remediate misconfigurations, vulnerabilities, and compliance gaps
Partner with engineering teams to prioritize and remediate risks based on business impact
Data Protection & Governance
Implement data protection controls across Azure services (encryption, DLP, data classification)
Secure data flows between cloud services and external integrations
Support compliance initiatives (NIST, CIS, ISO, PCI, etc.) through technical control implementation
DevSecOps & Automation
Integrate security into CI/CD pipelines (IaC scanning, secrets management, policy enforcement)
Support secure Infrastructure-as-Code (Terraform, Bicep, ARM templates)
Automate security controls and validation through scripting (PowerShell, Python, etc.)
Required Qualifications
5 years of experience in cloud security or cloud engineering
Strong hands-on experience securing Microsoft Azure environments (90% )
Experience with:
Microsoft Defender for Cloud / Azure Security Center
Microsoft Entra ID (Azure AD), Conditional Access, RBAC
Azure networking (VNets, NSGs, Private Endpoints, Firewall)
Familiarity with SIEM/SOAR platforms (e.g., Microsoft Sentinel, CrowdStrike, Splunk)
Experience with Infrastructure-as-Code and automation
Strong understanding of Zero Trust architecture principles
Preferred Qualifications
Experience with CNAPP platforms (e.g., Wiz, Prisma Cloud, CrowdStrike CNAPP)
Knowledge of SaaS security monitoring and API-based integrations
Familiarity with Zscaler (ZIA/ZPA) or similar secure access solutions
Experience in hybrid environments (Azure on-prem)
Relevant certifications:
AZ-500 (Azure Security Engineer)
CISSP, CCSP, or equivalent
We are seeking a Cloud Security Engineer with a strong focus on Microsoft Azure to design, implement, and operate security controls across a predominantly Azure-based environment. This role will partner closely with Cloud Engineering, Identity, and Cyber Operations teams to ensure secure-by-design cloud deployments, continuous monitoring, and alignment with enterprise security frameworks.
Key Responsibilities
Azure Security Architecture & Engineering
Design and implement security controls across Azure services including compute, storage, networking, and PaaS offerings
Secure Azure landing zones using best practices aligned to Zero Trust principles
Implement and manage Azure-native security services (Defender for Cloud, Conditional Access, Key Vault, etc.)
Partner with architecture teams to embed security into cloud design patterns and reference architectures
Cloud Security Operations
Monitor and respond to cloud security alerts and incidents across Azure environments
Integrate Azure logs with SIEM/SOAR platforms (e.g., Sentinel, CrowdStrike, etc.)
Support incident response activities related to cloud threats and misconfigurations
Develop automation for detection and response using Azure-native tooling
Identity & Access Security
Implement and enforce strong identity controls leveraging Microsoft Entra ID
Design Conditional Access policies and support passwordless initiatives (WHfB, FIDO2, etc.)
Ensure least privilege access using RBAC, PIM, and Just-in-Time access models
Cloud Posture & Vulnerability Management
Manage cloud security posture using tools such as Defender for Cloud and/or CNAPP platforms
Identify and remediate misconfigurations, vulnerabilities, and compliance gaps
Partner with engineering teams to prioritize and remediate risks based on business impact
Data Protection & Governance
Implement data protection controls across Azure services (encryption, DLP, data classification)
Secure data flows between cloud services and external integrations
Support compliance initiatives (NIST, CIS, ISO, PCI, etc.) through technical control implementation
DevSecOps & Automation
Integrate security into CI/CD pipelines (IaC scanning, secrets management, policy enforcement)
Support secure Infrastructure-as-Code (Terraform, Bicep, ARM templates)
Automate security controls and validation through scripting (PowerShell, Python, etc.)
Required Qualifications
5 years of experience in cloud security or cloud engineering
Strong hands-on experience securing Microsoft Azure environments (90% )
Experience with:
Microsoft Defender for Cloud / Azure Security Center
Microsoft Entra ID (Azure AD), Conditional Access, RBAC
Azure networking (VNets, NSGs, Private Endpoints, Firewall)
Familiarity with SIEM/SOAR platforms (e.g., Microsoft Sentinel, CrowdStrike, Splunk)
Experience with Infrastructure-as-Code and automation
Strong understanding of Zero Trust architecture principles
Preferred Qualifications
Experience with CNAPP platforms (e.g., Wiz, Prisma Cloud, CrowdStrike CNAPP)
Knowledge of SaaS security monitoring and API-based integrations
Familiarity with Zscaler (ZIA/ZPA) or similar secure access solutions
Experience in hybrid environments (Azure on-prem)
Relevant certifications:
AZ-500 (Azure Security Engineer)
CISSP, CCSP, or equivalent