Azure Security Engineer

Role Description With strict NIST 800-53 and zero-trust compliance requirements across all deployments, We need a dedicated Azure Security Engineer to design and enforce security posture for every client environment. This role ensures that each Azure subscription operates under strong access controls, proper logging, and airtight resource protections. You'll work hand-in-hand with Infrastructure and DevOps to validate that all client environments are secure by design not after the fact. Key Responsibilities Implement and manage RBAC, PIM, and conditional access policies Harden Key Vaults, storage accounts, and network access layers Set up Azure Policies for enforcement of tags, regions, and naming conventions Enable and monitor diagnostic settings, activity logs, and Azure Monitor Ensure service principals and managed identities use least privilege Perform regular security reviews and participate in compliance audits Collaborate with DevOps to secure pipeline access and secrets management Ideal Profile Attribute Ideal Answer Experience 510 years in security, IAM, or compliance engineering Certifications AZ-500 required, SC-100 a big plus Cloud Security Deep understanding of Azure IAM, RBAC, Key Vault, Managed Identity Compliance Frameworks Familiarity with NIST 800-53, HITRUST, or FedRAMP Monitoring/Logging Azure Monitor, Log Analytics, Diagnostic Settings, Activity Logs Tooling Azure Policy, Defender for Cloud, Microsoft Entra (PIM, Conditional Access) Soft Skills Strategic mindset, thorough, excellent at documentation and governance