Azure Security Engineer
Remote
Contract
Azure Security Engineers with strong IaC in POwershell as well as Wiz, Rego, and Azure Notebooks***
Candidates must sit in EST or CST time zones
Top Skills' Details
5+ years of Azure cloud infrastructure experience at an enterprise level
***Infrastructure as Code (IaC) - experience is a MUST and focus for this role
Azure - landing zone and VNets
Powershell
Terraform
nice to have:
Wiz
IAM - identity access management in Azure
Experience w/ NoSQL databases (DynamoDB) - Nice to have
Major plus:
OPA - Open Policy Agent
REGO - Rego is a general-purpose policy language, which means that it works for any layer of the stack and any domain. The primary purpose of Rego is to accept JSON/YAML inputs and data that are evaluated to make policy-enabled decisions about infrastructure resources, identities, and operations.
Secondary Skills - Nice to Haves
Job Description
Overview:
This role focuses on supporting and enhancing the Azure cloud platform environment. It involves a combination of Business As Usual (BAU) support and critical engineering work. A significant portion of the role is dedicated to ensuring governance, compliance, and security posture within the Azure environment. The primary objective is to proactively address compliance requirements and security findings.
Key Responsibilities:
Engage proactively in Azure governance and compliance activities.
Pull and analyze compliance data to identify non-compliance findings.
Review control adherence and take necessary action on non-compliant resources or configurations.
Ensure Azure services and the teams utilizing them maintain compliance with established standards.
Proactively address potential compliance issues before they are identified by auditors or testers.
Perform security bug fixes to remediate non-compliance issues, which is considered engineering work. This involves problem-solving and developing solutions to bring configurations back into compliance.
Participate in control validation processes, including TCT (Terraform Compliance Testing) testing walkthroughs. Provide documentation or walkthroughs to show how controls are met and monitored.
Understand and interpret existing runbooks, many of which are written in PowerShell, used for monitoring control effectiveness.
Conduct feasibility reviews for net new controls proposed by the cyber risk team, assessing their technical viability within Azure.
Review, update, and/or create new detective controls. This may involve translating existing controls from PowerShell runbooks into Wiz/Rego. Implementation of these controls is the responsibility of this role.
Identify issues related to controls where policies are not used and monitoring relies on runbooks (often Azure Automation runbooks written in PowerShell).
Contribute to discussions and potentially the implementation of a future disconnected Azure tenant/sandbox environment, with a focus on establishing controls and governance
May contribute to identity-related work within Azure, understanding authentication and authorization concepts.
Required Skills & Qualifications:
Solid foundation in cloud infrastructure, with expertise in Microsoft Azure services and architecture. Must understand Azure services inside out, including various configurations and associated risks.
Ability to build with code; again the role is not that of a cloud administrator solely performing tasks via the GUI.
Essential knowledge of PowerShell is required to understand existing runbooks and control configurations.
Familiarity with or the ability to quickly learn Wiz/Rego for implementing detective controls is necessary.
Understanding of cloud security principles, governance frameworks, and compliance requirements.
Ability to troubleshoot technical issues within the Azure platform.
Understanding of cloud-based identity and access management (IAM) concepts, including authentication and authorization.
Ayush Sharma Sr. US Technical Recruiter
321-323-1062 | Ext:149
Ayush@stellentit.com | G-talk: Ayush@stellentit.com
...seeking a proactive and customer-focused Live Chat Representative to join our growing support... ...at StrataBuilt, you will be the front line of our customer support experience. You'll... ...ticketing systems is a plus. ~ Ability to work in a fast-paced, team-oriented environment...
...AdultPsychiatrist - Kern County, CA(#R10042) Board Certification/Eligibility in General Psychiatry: ABPN certification in General Psychiatry Health insurance Greenlife Healthcare Staffing is seeking an Adult Psychiatristto fill an opening that provides...
Administrative Specialist/ Receptionist Location Beavercreek, OH : Title: Administrative Specialist/ Receptionist Belong, Connect, Grow, with KBR! Program Summary This program aims to provide essential administrative and secretarial support to various departments and...
...Instructor of Genetic Counseling Location: Philadelphia, PA Open Date: Feb 07, 2024 Deadline: Feb 07, 2026 at 11:59 PM Eastern Time The Division of Translational Medicine and Human Genetics in the Department of Medicine at the Perelman School of Medicine...
NAPA is a Parts Store and So much more! We are driven to have the best people on our team to get the right parts to the right place at the right timeThe Role:A Parts Professional provides prompt and courteous service to all customers over the telephone, in the store, ...