Azure Cloud Security Architect​/Engineer

This range is provided by The Planet Group. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.

$/yr - $/yr

US CITIZENS AND GREEN CARD HOLDERS ONLY

Bonus: 10%

Hours: 40

Location: North Philadelphia

• Architect Secure Cloud Solutions: Design and develop comprehensive security architectures for cloud-native applications and services (e.g., AWS, Azure, GCP), ensuring adherence to industry best practices, regulatory requirements (e.g., SOC 2, HIPAA, GDPR), and internal security policies.
• Product Security Champion: Lead security architecture reviews for new and existing products and features, identifying potential vulnerabilities, recommending appropriate security controls, and guiding engineering teams on secure coding practices.
• Threat Modeling & Risk Assessment: Conduct in-depth threat modeling exercises and risk assessments for cloud environments and product features, proactively identifying and mitigating security risks throughout the SDLC.
• Security by Design & Dev Sec Ops : Collaborate closely with product managers, developers, and Dev Ops engineers to integrate security considerations early and continuously into the software development lifecycle (SDLC) using a 'security by design' and Dev Sec Ops  approach.
• Cloud Security Expertise: Provide expert guidance on securing cloud infrastructure, including identity and access management (IAM), network security, data encryption, container security, serverless security, and cloud security posture management (CSPM).
• Automation & Tooling: Drive the adoption of security automation and orchestration tools to enhance the efficiency and effectiveness of security controls in cloud and product environments.
• Incident Response & Remediation: Contribute architectural insights and recommendations to incident response efforts, aiding in the remediation of security incidents related to cloud and product vulnerabilities.
• Security Best Practices & Standards: Research, evaluate, and recommend new security technologies, frameworks, and best practices to continually improve our overall security posture.
• Mentorship &
  
  Collaboration:
  
  Mentor junior security engineers and foster a culture of security awareness and responsibility across engineering and product teams.
• Documentation: Create and maintain detailed security architecture documentation, security standards, and operational procedures.

• 8+ years of experience in information security, with a significant focus on security architecture.
• 5+ years of experience specifically in Cloud Security, with deep expertise in Microsoft Azure.
• 3+ years of experience in Product Security, Application Security, or Secure SDLC.
• Deep understanding of cloud security principles and hands-on experience with Microsoft Defender, Azure Security Center, Azure Policy, Azure Key Vault, Azure AD and Conditional Access Policies
• Proficiency in threat modeling methodologies (e.g., STRIDE, DREAD) and practical experience applying them to cloud and product architectures.
• Strong knowledge of secure coding principles and common application security vulnerabilities (e.g., OWASP Top 10, CWE).
• Experience with security frameworks such as NIST CSF, ISO 27001, and CIS Benchmarks for Azure.
• Familiarity with containerization technologies (e.g., Docker, AKS) and their associated security challenges.
• Experience with security automation tools and scripting languages (e.g., Azure CLI, Python, Power Shell, ARM templates, Terraform).
• Excellent communication, presentation, and interpersonal skills, with the ability to effectively communicate complex technical concepts to both technical and non-technical audiences.
• Strong analytical and problem-solving skills, with a proactive and innovative approach to security.

• Mid-Senior level

• Full-time

• Information Technology

• Software Development