Job
Description
The primary responsibility of this role is to improve the security posture of Microsoft environments and containerized applications. You will be tasked with implementing hardening strategies, handling vulnerabilities, ensuring compliance, and integrating security into development pipelines to protect systems from evolving threats. Your key tasks will include strengthening the security of Microsoft systems (Windows Server, Active Directory, Azure) and containerized platforms (Docker, Kubernetes, AKS) by implementing Microsoft Defender for Containers and related tools for threat detection and posture management. Additionally, you will apply secure configuration baselines for Microsoft systems using CIS Benchmarks and Microsoft Security Baselines, as well as harden container images and Kubernetes deployments by implementing the least privilege, disabling root access, and using read-only file systems. In order to make a significant impact in this role, you will conduct vulnerability assessments using tools like Microsoft Defender, Snyk, and Qualys and remediate vulnerabilities in OS, container images, and workloads across hybrid and multicloud environments. You will also ensure consistency to security standards such as NIST SP 800-190, CIS, and Microsoft Cloud Security Benchmark, maintain audit trails and documentation for regulatory compliance, supervise and respond to threats using SIEM systems and Defender XDR, and implement runtime protection and anomaly detection for Kubernetes clusters. Furthermore, you will define and implement network policies, RBAC, and resource limits for containers, use Azure Policy and Gatekeeper to prevent non-compliant deployments, deploy observability tools and log analytics to supervise sensitive actions and detect incidents, enable binary drift detection, and automate security scans and policy enforcement in CI/CD pipelines. To be successful in this role, you should possess a Bachelor's degree in Computer Science, Cybersecurity, or related field, along with 3+ years of experience in Microsoft system hardening and container security. Proficiency with Docker, Kubernetes, AKS, and CI/CD tools is essential, as well as experience with security tools like Microsoft Defender, Snyk, Qualys, and SIEM platforms. Knowledge of cloud security (Azure, AWS, GCP) and infrastructure-as-code (Terraform, ARM), as well as relevant certifications (e.g., CKS, AZ-500, CISSP) are preferred. Siemens Gamesa is part of Siemens Energy, a global leader in energy technology committed to making sustainable, reliable, and affordable energy a reality. As a leading player in the wind industry, Siemens Gamesa is passionate about driving the energy transition and providing innovative solutions to meet the global energy demand. The company values diversity and inclusion, celebrating character regardless of ethnic background, gender, age, religion, identity, or disability. All employees at Siemens Gamesa are automatically covered under Medical Insurance, with a considerable Family floater cover that includes the employee, spouse, and 2 dependent children up to 25 years of age. The company also provides an option to opt for a Meal Card as per the prescribed terms and conditions in the company policy, which serves as a tax-saving measure.,
