Azure Application Security Engineer

*** We are unable to work with 3rd-party or corp-to-corp candidates for this position***

*** Must be authorized to work in the US***

Out client is seeking a Cloud Security Engineer to support their cloud security initiatives and ongoing cybersecurity programs. This role will focus on securing Azure environments, automating security processes, and supporting enterprise security monitoring.

The scope includes working with members of the IT&S (Information Technology and Services) Department to:

• Reduce fragmentation across multiple remote access tools, creating consistent controls, deduplicating capabilities, and reducing operational complexity
• Configure Azure Cloud Access Security Broker (CASB)
• Evaluate and secure other access methods in the context of CASB
• Review vulnerabilities, triage issues, and partner with technology and business teams to drive remediation
• Ensure secure design, deployment, and documentation for applications and services
• Collaborate with other technology teams and business units on secure remote access practices
• Extend our automation capabilities to define, prioritize, and develop standardized incident response activities
• Configure Azure score manager to track historical score data
• Automate log collection from new Azure subscriptions
• Normalize Event Hub log collection
• Automate baseline security configuration and utility deployment using Ansible
• Scripting KPI and metrics collection and presentation
• Develop new integrations and vulnerability related alerts in Splunk
• Documentation
• Architectural Review Board (ARB)
• Technical Review Board (TRB)
• Change Advisory Board (CAB)
• Other documentation as required (e.g., for audits and inspections, updates to standards and procedures, etc.)
• Consult with project team and other stakeholders, e.g., IT practitioners, the Cybersecurity and Compliance teams, Enterprise Architecture, Applications, Infrastructure, Network, Database, OCM, etc. during testing and implementation.

• 4 years of practical application security experience.
• 2 years of practical information security experience.
• Practical experience using Security Information and Event Management (SIEM) tools to sort, analyze, view, and report on data.
• Knowledge of technology protocols and security concepts.
• Industry cybersecurity and technology certifications are a plus.
• Experience working in a regulated utility environment is a plus.
• Experience working in a remote, cross functional team, with the ability to drive the scope of work.
• Ability to lead work effort with little day to day supervision. Ability to work through ambiguity and elevate issues to maintain project momentum.
• Excellent interpersonal skills, including collaboration, facilitation, and negotiation.