Remote Senior Security Analyst – Azure

Description:

• The Senior Security Analyst will monitor, investigate, and respond to security events and incidents in the Azure cloud environment, including networking, applications, and data storage.
• This role involves collaborating with DevOps to integrate security best practices into Azure-based CI/CD pipelines and infrastructure-as-code processes, such as ARM templates and Terraform.
• The analyst will develop, document, and enforce Azure security policies and best practices, including role-based access control (RBAC), AzureAD, and Azure Security Center.
• Responsibilities include automating security detection, response, and vulnerability management tasks within Azure environments.
• The analyst will conduct threat hunting activities to identify potential security risks within cloud-based infrastructure.
• Guidance will be provided to teams on implementing secure cloud-native services, including secure API access, encryption, and identity management within Azure.
• The role requires performing threat modeling, vulnerability assessments, and risk analysis for Azure resources, along with providing remediation recommendations.
• Support for compliance initiatives such as SOC2, ISO 27001, FedRAMP, and GDPR is essential, ensuring that Azure deployments meet necessary security standards and regulations.
• The analyst will work to improve security automation in Azure environments, leveraging tools like Azure Sentinel, Microsoft Defender, and Azure Security Center.

Requirements:

• Candidates must have 5-8 years of experience in cybersecurity, with a strong focus on Azure cloud security and DevOps environments.
• Extensive hands-on experience securing Azure cloud infrastructure is required, including knowledge of Azure AD, Azure Security Center, Azure Sentinel, and Microsoft Defender.
• Familiarity with Azure-native security features such as encryption at rest, key vault management, and secure access controls (RBAC) is necessary.
• Strong experience with infrastructure-as-code tools, such as Terraform and Azure Resource Manager templates, and CI/CD pipeline security is essential.
• Proficiency with security tools like SIEM (Splunk, ELK), EDR solutions (CrowdStrike, SentinelOne), and cloud security posture management (CSPM) platforms is required.
• Experience in threat modeling for cloud-native SaaS applications is necessary.
• An understanding of compliance frameworks (SOC2, ISO 27001, FedRAMP, GDPR) and their application to Azure environments is required.
• Certifications such as Microsoft Certified: Azure Security Engineer Associate, OSCP, or similar are highly desirable.

Benefits:

• Resilinc offers comprehensive benefits that are specific to each country, including healthcare coverage for all employees.
• Employees are eligible to participate in the employee stock option program and retirement benefits.
• Paid time off is provided, along with opportunities for learning and development.
• The company is well-funded and profitable, providing a stable work environment with opportunities for growth and quick adaptation to customer needs.