Role & responsibilities Responsible for securing cloud-based workloads, ensuring the deployment of security controls, and overseeing threat detection mechanisms across our Azure environment, will actively monitor, analyze, and respond to security incidents affecting cloud workloads. Leverage MCAS to implement and manage Cloud Access Security Broker (CASB) solutions, providing visibility into the usage of cloud applications, enforcing governance policies, and mitigating risky behaviors or configurations. Ensure continuous assessment and improvement of the security posture of the organizations cloud infrastructure using tools like Microsoft Defender for Cloud, configure and monitor cloud security best practices. Manage the implementation and enforcement of conditional access policies within the Azure environment to secure access to applications and data based on specific conditions such as user location, device compliance, and risk levels. Participate in security incident response efforts, utilizing your knowledge of cloud environments to help identify the source and scope of threats, collaborate with internal teams to improve threat detection and mitigation strategies, ensuring that the cloud security posture aligns with industry standards and regulatory requirements. Work closely with cross-functional teams to ensure that security policies are integrated into the development, deployment, and operations of cloud-based applications. Additionally, contribute to documentation, creating reports on security posture, risk assessments, and incident responses to help management make informed decisions. Preferred candidate profile Proven hands-on experience securing workloads in Microsoft Azure, with a focus on cloud workload protection strategies. Strong proficiency in managing and implementing Microsoft Cloud App Security (MCAS) for CASB functionality, ensuring proper visibility and control over cloud app usage. Expertise in Azure security services, including but not limited to Microsoft Defender for Cloud, Azure AD, and Azure PIM. In-depth experience with implementing and managing conditional access policies in Azure AD, including risk-based policies and enforcement mechanisms. Experience with cloud security posture management, performing risk assessments, and applying security best practices to meet compliance and regulatory standards. Solid understanding of cloud-native security controls, identity and access management, and threat protection in the context of Azure and multi-cloud environments.
