Cloud Security Engineer
Remote - Warrington, England, United Kingdom
The Cloud Security Engineer is a change agent and ambassador for cyber security. Their primary focus will be to drive the delivery of cyber security controls for the Azure cloud platform and services identifying and assessing security threats and risks, defining and enabling secure configuration, and leading security automation. They will also ensure ISM compliance and assist with related activities.
- Implement continuous security control testing, and improvements to monitoring of Azure security events and alerts through optimisation and automation.
- Increase visibility of security threats and configuration weaknesses by optimising the configuration of cloud native security tools, e.g. Azure Security Center, SQL Server Advanced Data Security and Azure Sentinel.
- Monitor, maintain operational security management systems and respond to security incidents.
- Use security risk metrics to enable DevOps and security to report on threats and the cyber security controls.
- Reduce security vulnerabilities and configuration weaknesses through standards and increased awareness.
- Enable and enhance security configuration and DevOps practices through close collaboration with Azure DevOps and by providing secure design patterns, and a hands on security engineering capability. Supports the definition and implementation of security requirements.
- Deliver security automation in the CI/CD pipeline via process automation and tooling.
- Deep understanding of Azure data protection and security architecture, and features including Security Center and Secure Score, Ddos attack mitigation, Azure Front Door / Web Application Firewall, Azure Key Vault, Network Security Groups and Privileged Identity Management.
- Good understanding of Azure Iaas, serverless architecture and Azure Cloud Platform services, Application Service Environments, Service Fabric, Azure functions, Azure API Management
- Hands on Azure security configuration and scripting skills.
- Able to communicate complex technical topics in straightforward terms
- Microsoft Azure certifications, e.g. Azure Security Engineer, Azure DevOps Engineer, Azure Solutions Architect; Windows 10 and Windows Server 2019 accreditations (which levels)