Senior DevSecOps Engineer

Long Description

We are seeking a skilled and experienced DevSecOps Engineer with expertise in Azure Security to join our team. As a DevSecOps Engineer - Azure Security Specialist, you will play a crucial role in ensuring the security and compliance of our cloud infrastructure and applications built on the Azure platform. 

Key Responsibilities:

• Develop and implement security policies, standards, and procedures for Azure cloud environments, ensuring compliance with industry regulations and best practices.
• Collaborate with development, operations, and security teams to integrate security controls and practices into the CI/CD pipeline and overall DevOps workflow.
• Conduct security assessments, vulnerability scanning, and penetration testing of Azure resources, applications, and infrastructure components.
• Monitor and analyze security logs, events, and alerts to identify potential security incidents and recommend appropriate mitigation strategies.
• Configure and manage security tools and technologies in Azure, such as Azure Security Center, Azure Sentinel, Azure Key Vault, and Azure Active Directory.
• Implement and maintain secure identity and access management (IAM) policies and controls for Azure resources, including role-based access control (RBAC) and multi-factor authentication (MFA).
• Collaborate with development teams to ensure secure coding practices and perform code reviews to identify and remediate security vulnerabilities.
• Provide guidance and support to development teams on implementing secure architecture and design principles for Azure-based applications and services.
• Stay up to date with the latest security threats, vulnerabilities, and industry trends related to Azure and cloud computing, and provide recommendations for enhancing security posture.

Long Description

Qualifications:
Bachelor's degree in computer science, Information Technology, or a related field.
Minimum 7 years of relevant experience.
Outstanding English communication, both verbal and non-verbal.
Ability to review and provide input on the architecture of applications, systems, and networks for security best practices.
Experience automating security processes and implementing security orchestration (e.g. Azure DevOps).
Experience in designing and implementing secure and scalable architectures related to Application Development.
Experience participating in agile development teams and integrating security into the development lifecycle.
Familiarity with cloud security concepts and best practices in Azure
Familiarity with security scanning tools for code (e.g., Snyk) and infrastructure (e.g., Nessus).
Familiarity with tools for automating security testing and compliance checks.
In-depth knowledge of DevOps practices and tools (e.g., GitHub, Docker, etc).
Proficiency in scripting and programming languages (e.g., Python, PowerShell, etc