Press ENTER to skip to the job description.
Azure & AppSec Security Engineer

Azure & AppSec Security Engineer
NC, Charlotte

Job Description

Role: Azure & AppSec Security Engineer

Type: perm, full time

Location: fully remote, working EST hours

Must Have: experience as a subject matter expert within the security function, Securing MS Azure based cloud infrastructure; Azure IaaS, PaaS and SaaS services; Azure automation with PowerShell & ARM, preferably using Terraform; Azure network security capabilities - ASG / NSG, Azure Firewall & WAF; Azure Active Directory, PIM & RBAC; Azure Key Vault; OWASP security & vulnerability management

Job Summary

Our Client is seeking a Cloud (Azure focused) & AppSec Security Engineer to join its Information Security Architecture, Engineering & Platforms team as part of its ongoing global Digital Transformation.  The mission of this role is to operate as a subject matter expert within the security function.

 

Primary Responsibilities

Enable and enhance secure cloud configuration and DevSecOps practices through collaboration with the Application Development, Enterprise Architecture & IT Operations functions and by helping to provide secure design patterns with a "hands on" security engineering mindset.

  • Serve as a subject matter expert for cloud and application security engineering solutions
  • Support the definition and implementation of security requirements bi-directionally – advising the Cyber GRC function on appropriate standards for monitoring.
  • Deliver security automation in the CI/CD pipeline via process automation and tooling; reducing security vulnerabilities and configuration weaknesses through standardization and deep monitoring.
  • Collaborate with globally diverse teams to continuously improve cloud and application security controls to enable security by design and defense-in-depth principles
  • Project Lead for all cloud & AppSec information security projects
  • Stay current with evolving technologies and effectively educate teams on security issues and opportunities in cloud and application security domains.
  • Ensure alignment of services to information security policies, standards, and frameworks/best practices (SOC, NIST, CISA, ISO, OWASP)
  • Demonstrate a commitment to lifelong learning
  • Fulfill additional, relevant, tasks appropriate to the role and business demands
  • Self-motivated and the ability to work independently

 

Minimum Experience

  • Securing MS Azure based cloud infrastructure
  • Azure IaaS, PaaS and SaaS services
  • Azure automation with PowerShell & ARM, preferably using Terraform
  • Azure network security capabilities - ASG / NSG, Azure Firewall & WAF
  • Azure Active Directory, PIM & RBAC; Azure Key Vault
  • Azure DevOps & Git source control
  • OWASP security & vulnerability management
  • Container security – DockerKubernetesAKS (ability to explain what Kubernetes is, a plus)

 

Desired Experience

  • Experience in Python
  • Experience with Kubernetes
  • Palo Alto security solutions
  • Agile planning

 

Qualifications

  • Aptitude, experience andor ability more important than formal qualifications.
  • BA and/or MSC in Information Systems, Cybersecurity, Information Assurance (IT related).
  • 5+ years’ of technical and hands on experience in cloud, app development or security roles that have exposed you to the required areas and concepts of the position.
  • Strong problem solving, analytical and platform management skills; thinking outside the box.
  • Excellent verbal and written communication skills and the ability to interact professionally with a diverse group including; executives, managers, IT personnel, and other subject matter experts.

 

Certifications (One or more of the following certifications should be current and up to date)

  • Relevant security certifications (Cloud-CCSK, AWS, Azure)

Apply Now