Cloud Security Engineer – Azure

Cloud Security Engineer – Azure
Hybrid role – 3 days per week in the office

Exciting period of modernisation and Cloud services adoption has created a Cloud Centre of Excellence and requires Azure Subject Mater Experts to join the new team.

Using your excellent Cloud skills you will lead the detailed security design and implementation activities for foundational cloud services such as compute, storage, networking as well as the integration points with existing Group Security services and processes such as monitoring, alerting and incident response.

This will include
* Scope, design and build secure Azure cloud services to support the Modernisation programme
* Deliver a scalable and flexible cloud security architecture
* Work with the Cloud Security Architect to help define and deliver the high-level and low-level security objectives
* Implement secure system architectures through the application of regulations, policies, standards and procedures to meet user needs while managing business and security risks.
* Develop, test, and deliver Security Policy as code for a variety of Public Cloud compute services and Container platforms leveraging native services.
* Understand industry standard controls such as CIS/NIST/GDPR/ISO/CSA CCM
* Utilise DevSecOps practices to implement security and compliance policies-as-code
* Working closely with application development teams to deliver secure coding platforms and implement product feature pipelines and integration with various SAST, SCA and DAST tools.

You will be a very experienced Cloud Security Engineer with a focus on Azure, holding relevant Azure certifications
Your experience will include
* Cloud Infrastructure Engineering/platform Engineer/Security Engineer role, deploying and maintaining multi-cloud foundation services (aka Landing zone) and/or container orchestrator platforms is essential
* SIEM & SOAR (security information and event management (SIEM) and security orchestration, automation, and response (SOAR).
* Core foundational security services of cloud providers (e.g., Azure AD, Defender for Cloud, Azure Sentinel, AppGateway and APIM, Azure Identity Protection, PIM)
* Provisioning Security policy as Code (IAC) tools such as Terraform, CloudFormation and adapt secure code practices and guidelines
* Minimum of 3 years’ experience in setting up and managing container security in platforms such as Kubernetes (AKS, EKS, GKE)
* Key management tools such as Azure Key Vault or cloud based KMS and PKI
* DevSecOps and Infrastructure-as-Code route-to-live environment is desirable
* Integrating security testing tools such as Veracode, InsightAppSec, Trivy, Checkov, etc. as part of the DevSecOps pipelines