The Sr. Azure Cloud Security Engineer will be responsible for driving, implementing, managing, monitoring, and governance of AssureCare’s Azure Security and Threat Operations to ensure that we remain proactively positioned with the ever-evolving threat and compliance landscape. 

To achieve this goal, this person will drive, collaborate on, and implement secure designs, contribute changes to our infrastructure-as-code by implementing security controls as necessary, develop and cultivate threat models, countermeasures, and compensating controls. Additionally, this person will drive the design and deployment of new tools to continue improving our security posture. As such, the Sr. Azure Cloud Security Engineer is expected to stay abreast with emerging Azure Cloud technologies and implementations, as well as their impact on the security landscape.

You will use your technical experience to assess, design, engineer, implement, and manage security operational controls and tooling. These controls will be aligned and focused on maintaining compliance with AssureCare's security standards including but not limited to SOC2 TypeII, HITRUST CSF, NIST SP800-53 (Rev5).

Essential Duties / Responsibilities

Strategic

• Serve as an Azure security SME and provide guidance on industry best practices and in-depth defense strategies
• Contribute to the ongoing support, development, and maintenance of the infosec and risk management program
• Provide technical expertise on trends and emerging changes to Azure cloud security landscape
• Key member of the Detection and Response team to operationalize newly developed security capabilities and perform investigations related to security incidents

Proactive

• Research, design, collaborate, Implement, maintain and monitor security solutions for AssureCare including but not limited to Azure advanced DDoS protection, NextGen Firewalls, host and network-based intrusion detection and intrusion prevention, WAFs, Application Gateways, load balancers, continuous security monitoring and risk assessment for our Azure cloud infrastructure
• Proactively identify security issues, recommend, collaborate on, and implement configuration remediations
• Identify opportunities for security improvement of our cloud infrastructure and services
• Analyze and make recommendations to improve security of our cloud infrastructure, platform, and architectures
• Examine network, server, application, and aggregated logs to determine trends and identify security incidents
• Ensure implementation of security and compliance requirements are met and maintained

Tactical/Daily

• Maintain and create security and operational controls to enforce AssureCare's security policies
• Work closely with the Infrastructure, DevOps, and Security teams to resolve security related configuration issues
• Develop, document, and maintain security and compliance architecture standards for our Azure cloud
• Assess, measure, and communicate the risk impact of identified security deficiencies and remediate as appropriate
• Implement, review, and maintain strong access controls and identity roles within Azure IAM
• Maintain and improve continuous monitoring of Azure resources
• Review and approve controls needed to protect AssureCare technology assets and data
• Configure and troubleshoot security infrastructure resources
• Collaborate with DevOps to ensure cloud security for promoting DevSecOps
• Participate in the ongoing maintenance, testing, and improving the incident response program
• Work with Infrastructure, DevOps, and security Teams to ensure security is factored into evaluation and deployment
• Assist in the review and updates to infosec policies, architectures, and standards
• Assists in responding to audits, penetration tests and vulnerability assessments
• Drive ongoing hardening of Azure infrastructure

• Bachelor's degree required Computer Science, Information Security, or related field
• 7+ years of experience working in security focused engineering roles 
• 5+ years’ experience implementing, enhancing, and operationally managing security solutions in Azure

- Cyber threat vectors and countermeasures

- Windows and Linux platforms

- Cloud Infrastructure and Cloud Security

- Strong understanding of networking basics

- LogAnalytics, Security Center, Sentinel, Defender for Cloud, SIEM, SOAR

- Vulnerability scanning, DLP

- VPN, NextGen Firewalls, network monitoring, advanced DDoS protection, host-based and network-based intrusion detection and intrusion prevention, WAFs, App Gateways, Active Directory, web server security, IdP, etc.

- Foundational / functional understanding of APIs (RESTful, SOAP, Websockets, Federated Auth flow)

- Solid understanding of audit methodologies and processes for compliance with SOC1/SOC2, HiTrust, etc.

- Security technologies including encryption, data protection, access privilege management 

- Strong knowledge of common vulnerabilities and advanced exploitation techniques required

- Experienced in Azure Devops and with Azure IAC/ARM infrastructure as code templates

- Solid coding and scripting skills (PowerShell, Bash, Kusto, etc.) 

- Practical experience with database security, content filtering

- Experience with IAM strategy, best practices and design

- Experience with Active Directory and Azure AD

- Experience with WSUS

- Experience with industry security frameworks (HITRUST CSF, NIST CyberSecurity, OWASP, SANS, etc.).

- Experience with implementation of single and multi-tenant cloud environments

- Experience in securing serverless compute and cloud platform services such as Azure Functions

- Experience creating and maintaining threat models

- Solid understanding of modern attacker tactics, techniques, and procedures

- Knowledge on Azure security detection and response 

Big Pluses to Have

• Information Risk or Security Certifications - (Azure Security AZ-500, CISSP, CCSP, CIAM)
• Experience working with container-based architectures
• Have worked in a rapid-growth software development/SaaS organization before

AssureCare® is an equal opportunity employer that is committed to diversity and inclusion in the workplace. We prohibit discrimination and harassment of any kind based on race, color, sex, religion, sexual orientation, national origin, disability, genetic information, pregnancy, or any other protected characteristic as outlined by federal, state, or local laws.

This policy applies to all employment practices within our organization, including hiring, recruiting, promotion, termination, layoff, recall, leave of absence, compensation, benefits, training, and internship. AssureCare® makes hiring decisions based solely on qualifications, merit, and business needs at the time. Furthermore, the Company will make reasonable accommodations for qualified individuals with known disabilities unless doing so would result in an undue hardship.