Note: The job is a remote job and is open to candidates in USA. HonorVet Technologies is a veteran-owned IT staffing firm specializing in working with federal agencies and Fortune 500 clients. They are seeking an experienced Azure Cloud Security Engineer to design, implement, and optimize cloud security controls across Microsoft Azure, ensuring the organization's cloud security posture is strong and compliant.
Responsibilities
- Design and implement Azure landing zone security controls, including identity, networking, VNets, NSGs, and private endpoints
- Configure, deploy, and optimize Microsoft Sentinel, Microsoft Defender XDR, Defender for Cloud, and Defender for Cloud Apps (CASB)
- Perform Cloud Security Posture Management (CSPM) assessments against CIS Azure Foundations Benchmark and Microsoft Cloud Security Benchmark (MCSB), and recommend remediation plans
- Build and manage Azure Policy initiatives, policy-as-code, and automated remediation to enforce governance and reduce configuration drift
- Implement encryption, key management, and certificate governance using Azure Key Vault
- Configure Azure Monitor, Log Analytics, telemetry, alerting, and SIEM integrations
- Secure Azure services including AKS, Container Apps, Azure Functions, Logic Apps, and Azure Container Instances
- Conduct cloud architecture security reviews and threat modeling
- Develop Infrastructure-as-Code (Terraform, Bicep, ARM) security guardrails and vulnerability management workflows
- Support cloud security incident investigation and containment activities
- Create documentation, operational runbooks, standards, and knowledge transfer materials
Skills
- 4-7 years of hands-on experience in Azure Cloud Security Engineering
- Strong experience with Microsoft Azure security services, including Defender for Cloud, Microsoft Sentinel, Defender XDR, and Defender for Cloud Apps (CASB)
- Experience implementing Azure Policy, governance frameworks, and Infrastructure-as-Code (Terraform, Bicep, or ARM)
- Experience performing CSPM assessments using CIS Azure Foundations Benchmark and Microsoft Cloud Security Benchmark (MCSB)
- Strong knowledge of Azure IAM, networking, encryption, Key Vault, and cloud-native security best practices
- Experience securing hybrid cloud environments
- Proficiency in scripting and automation using PowerShell, Python, Bash, KQL, or similar technologies
- Microsoft Certified Azure Security Engineer Associate (AZ-500)
- Experience with container and Kubernetes security (AKS)
- Knowledge of MITRE ATT&CK framework and cloud detection engineering
- Experience with cloud monitoring, logging, and security automation
- Strong documentation and technical communication skills
- CCSP or equivalent cloud security certification
Company Overview
Company H1B Sponsorship