We are seeking a skilled and motivated Azure Infrastructure Consultant with DevSecOps .The consultant should have 3+ years of experience in Information Security Engineering. The ideal candidate will bring deep expertise in cloud security, incident response, and secure DevOps practices to enhance our cloud-native infrastructure and applications. Key Responsibilities: 1. Build & Secure CI/CD Pipelines Integrate security tools (SAST, DAST, SCA, secrets scanning) into Azure DevOps pipelines. Promote secure coding practices across development teams and enforce SDLC controls. Apply DevSecOps principles to automate security validation and compliance checks. 2. Cloud Security Engineering & Hardening Design and implement secure Azure infrastructure using Bicep or Terraform. Enforce Azure-native security controls (e.g., Key Vault, NSGs, Defender for Cloud, Azure Policies). Manage data protection, encryption, and secure network configurations. 3. Incident Response & Threat Detection Lead incident response efforts from detection to recovery in cloud environments. Investigate alerts and anomalies using tools like Microsoft Sentinel, Defender, and EDR platforms. Perform vulnerability assessments and implement remediation plans. 4. Identity & Access Management Configure secure access using Azure RBAC, Managed Identities, and MFA. Integrate with identity providers (Okta, AAD, SCIM) to streamline authentication and access control. Maintain least-privilege policies and audit identity risks regularly. 5. Automation & Security Monitoring Use PowerShell or Python to automate security operations and compliance reporting. Create monitoring rules and alerts for suspicious activities in SIEM and cloud-native tools. Implement threat detection and response playbooks. 6. Governance, Compliance & Secure Design Align cloud architecture and practices with NIST, ISO 27001, CIS Benchmarks, and other frameworks. Contribute to risk assessments, threat modelling, and policy development. Support internal audits and ensure the environment remains audit-ready. Preferred Certifications : AZ-500, SC100 Familiarity with purple teaming, threat hunting, or pen testing Experience with tools like SonarQube, Fortify, Aqua, or Prisma Cloud Apply Now!