Azure Security Engineer
VISTRADA
Summary
Join Vistrada's growing security team as a highly motivated and experienced MS/Azure Security Engineer. You will leverage your strong understanding of cloud security best practices and experience in implementing and managing security controls within Microsoft Azure and Microsoft 365. Key responsibilities include configuring and managing Azure Security Center, implementing network security controls, securing cloud resources, and utilizing security tools for threat detection and response. Expertise in Identity and Access Management (IAM) concepts, including Azure Entra ID and Conditional Access policies, is crucial. The role requires a deep understanding of Azure and Microsoft 365 security features and services, proficiency in SIEM tools, and knowledge of network security principles and threat detection techniques. Experience with compliance frameworks and regulations is also necessary.
Requirements
- Deep understanding of Azure security features and services
- Familiarity with Microsoft 365 security capabilities and best practices
- Expertise in identity and access management (IAM) concepts, including Entra Conditional Access policies
- Proficiency in security information and event management (SIEM) tools
- Knowledge of network security principles and threat detection techniques
- Experience with compliance frameworks and regulations
- Microsoft Certified: Azure Security Engineer Associate and Microsoft Certified: Security Operations Analyst Associate and/or Microsoft 365 Administrator Expert
Responsibilities
- Configure and manage Azure Security Center to monitor and remediate security threats in Azure
- Implement network security controls like Azure Firewall and virtual network security groups
- Secure Azure storage accounts and databases by managing encryption keys and access policies
- Monitor for suspicious activity in Azure environments using Azure Sentinel, Defender threat hunting, or working with an external MSSP/SOC
- Manage user access and permissions within Microsoft 365 applications like Exchange, SharePoint, and Teams
- Utilize Microsoft Defender for Identity to detect and respond to potential identity-based threats
- Implement data loss prevention (DLP) policies to protect sensitive information across Microsoft 365 platforms
- Monitor for suspicious activity in Microsoft 365 environments using Microsoft Defender for Endpoint, Defender for Cloud Apps, and Defender for Identity
Preferred Qualifications
Working with an external SOC/MSSP/SIEM