Azure Administrator

Security Operations Engineer (with a strong InfoSec background)

You will work closely with IT, DevOps, and Security teams to identify vulnerabilities, perform threat hunting, analyze incidents, and implement best practices for system hardening and compliance. A strong understanding of cloud security controls, identity management, and modern attack vectors is essential.

Key Responsibilities:

• Monitor, detect, and respond to security events using

  Microsoft Sentinel

  or similar SIEM tools (e.g., Splunk).
• Perform

  threat hunting

  , analyze indicators of compromise (IoCs), and investigate security alerts.
• Conduct

  root cause analysis (RCA)

  of incidents and implement permanent corrective actions.
• Manage and secure

  Azure resources

  , including VMs, networking, identity (Azure AD), and application services.
• Perform

  security hardening

  and configuration management of

  Windows Server

  ,

  Office 365

  , and

  Azure environments

  .
• Develop and maintain security baselines, compliance checks, and automation scripts for continuous monitoring.
  
• Collaborate with internal stakeholders to design and enforce

  security policies

  ,

  incident response plans

  , and

  risk mitigation strategies

  .

Must-Have Skills (Elaborated):

1. Azure Cloud Engineer / Security Engineer Experience:

• Hands-on experience managing and securing Azure infrastructure (VMs, networking, storage, IAM).
  
• Understanding of Azure Security Center, Defender for Cloud, and role-based access control (RBAC).
  
• Ability to design and implement security policies, network segmentation, and governance frameworks in Azure.
  

2. Strong Troubleshooting Skills:

• Excellent analytical skills to diagnose complex technical and security issues.
  
• Experience with performance tuning, log analysis, and identifying root causes of system or application failures.
  
• Ability to interpret logs from multiple sources (Azure, Windows Event Viewer, Sentinel, etc.).
  

3. Microsoft Sentinel (or Similar SIEM Tools like Splunk):

• Proficiency in creating

  custom detection rules

  ,

  analytics

  , and

  workbooks

  .
• Skilled in building and managing

  incident response workflows

  and

  playbooks

  (Logic Apps).
• Experience integrating Sentinel with multiple data sources (Azure AD, firewalls, M365, endpoint protection, etc.).
  

4. Threat Hunting, Active Security Monitoring, and Remediation:

• Familiarity with MITRE ATT&CK framework and advanced attack detection methods.
  
• Experience in

  proactive threat hunting

  , analyzing attack patterns, and responding to alerts.
• Ability to lead remediation efforts and implement long-term security improvements.
  

5. Windows Server, Office 365, and Azure Configuration Management:

• Expertise in managing Windows Server security baselines, patch management, and GPOs.
  
• Knowledge of securing

  Office 365 tenants

  (Exchange Online, SharePoint, Teams, etc.).
• Experience with configuration management tools like PowerShell DSC, Intune, or Azure Policy.
  

Preferred Qualifications:

• Certifications such as

  AZ-500 (Azure Security Engineer)

  ,

  SC-200 (Microsoft Security Operations Analyst)

  , or

  CEH/CISSP

  .
• Experience with automation using PowerShell or Python.
  
• Familiarity with cloud-native DevSecOps practices and CI/CD security integratio