Job Description :

Roles and Responsibilities:

  1. Demonstrate deep experience with securing mission critical cloud applications in Microsoft Azure
  2. Orchestrate the security layer across custom developed and Commercial products deployed on Azure as an integrated solution
  3. Demonstrate good understanding of Azure Compliance Blueprints, Compliance Dashboards
  4. Create strategy to manage PCI/PII compliance controls through Azure Automation
  5. Deliver security layer as code using Azure CLI, ARM templates, Shell Scripts and not just as Visio Diagrams
  6. PAAS Security:
  7. Drive the security architecture and implementation for APIs and Microservices deployed on Azure Kubernetes Services, Azure App Services, Logic Apps and Functions
  8. Implement best practices for application secrets management using Azure Key Vault or Hashicorp Vault, with the ability to recommend one versus the other based on use cases
  9. Container Security:
  10. Demonstrate understanding of container security concepts, Kubernetes architecture, service to service communication
  11. Design Ingress control and Kubernetes security policies with nginx, Azure Application Gateway
  12. Data security:
  13. Create blueprint for data security in transit and at rest including the ability to recommend Azure database offerings and storage services based on the security requirements
  14. Demonstrate deep understanding on topics like Data Exfiltration, Data Loss Prevention and Data Redaction
  15. Network and Platform Security:
  16. Design and implement the best practices as code using Azure CLI and/or ARM Templates for virtual network security, user defined routing and network security groups
  17. Design isolation of applications, data and other PAAS services using Service Endpoints, ASE and other techniques
  18. Identity Management:
  19. Design identity management solutions with Azure AD, Azure AD B2C, Okta, Ping Identity and other modern identity solutions for internal users and customer identities
  20. Integrate OAuth into applications, APIs, Microservices
  21. Work with Azure Managed Service Identities for Application to Application or Application to Azure Services scenarios
  22. Azure DevOps:
  23. Ability to work with Azure DevOps Pipelines and Releases to deliver security-as-code in the CI/CD environment

Certifications:

  1. AZ-500

Primary Skills:

  1. Azure CLI and Powershell
  2. Container platforms and tools - Kubernetes, Docker, Azure Kubernetes Service, Azure Container Service
  3. Azure Networking – Azure Virtual Networks, ExpressRoute, Site-to-Site VPN, NSG, App Service Environment
  4. Azure PAAS Services Security and Provisioning – Azure API Management Policies, Azure App Service, Event Hubs, Service Bus, Cosmos DB, Azure SQL
  5. Identity Management – Azure Managed Service Identities, Azure AD, Azure AD B2C, Open ID Connect
  6. Cloud Security – Azure Key Vault, HSTS, SSL/TLS Ingress Control, Certificate management, Azure Security Center, Threat Detection, Container Security tools e.g. Twistlock
  7. Cloud monitoring – Experience with Azure Sentinel, Azure Log Analytics, Azure Monitor, SysDig, Application Insights
             

Similar Jobs you may be interested in ..