What are the responsibilities and job description for the Azure Cloud Security Architect position at SPA ?
Qualifications
Required Qualifications :
Experience :
8 years in cybersecurity roles, with 5 years focused on Azure cloud security. Proven experience designing secure, multi-subscription Azure environments that integrate with external partners. Technical Skills :
Expertise in Azure services : Azure AD, Azure Firewall, Microsoft Defender for Cloud, Azure Sentinel, Key Vault, and Conditional Access Policies. Strong knowledge of B2B interconnectivity, including Azure AD B2B, Guest Access, and identity federation. Hands-on experience with hybrid connectivity using ExpressRoute, VPN Gateway, Private Link, and Azure Virtual WAN. Proficiency with Infrastructure as Code (IaC) tools, including Terraform, ARM templates, or Bicep. Compliance Knowledge :
Deep understanding of regulatory frameworks like NIST SP 800-53, CMMC, FedRAMP, ISO 27001, and DoD Impact Levels (IL2-IL6). Familiarity with governance tools such as Azure Policy and Blueprints. Certifications :
Microsoft Certified : Azure Security Engineer Associate (required). Additional certifications such as Azure Solutions Architect Expert, CISSP, or CCSP are preferred. Soft Skills :
Strong analytical and problem-solving skills. Excellent communication and collaboration skills, with the ability to work with diverse stakeholders. Leadership and mentoring capabilities to guide teams in adopting secure practices. Desired Qualifications :
Experience with Mission Landing Zone (MLZ) design and deployment. Knowledge of cross-domain solutions (CDS) and secure data transfer mechanisms. Expertise in secure DevOps (DevSecOps) and CI / CD pipeline integration. Experience with multi-cloud and inter-cloud security architectures. Responsibilities
Security Architecture Design Design secure cloud architectures incorporating zero trust, SCCA, and MLZ principles. Develop hub-and-spoke network architectures using Azure Firewall, VPN Gateway, ExpressRoute, and Network Security Groups (NSGs). Architect secure identity and access solutions using Azure AD, Privileged Identity Management (PIM), Key Vault, and Conditional Access Policies. B2B and Enterprise Interconnectivity Implement secure B2B collaboration solutions using Azure AD B2B, Guest Access, and Conditional Access Policies. Architect identity federation across Azure AD tenants or with third-party identity providers to enable seamless partner integration. Design and manage hybrid connectivity using ExpressRoute, VPN Gateway, Azure Private Link, and Virtual WAN. Enable secure integration with third-party SaaS platforms and APIs using Azure API Management. Regulatory Compliance Ensure solutions meet frameworks like NIST SP 800-53, CMMC, FedRAMP, and ISO 27001. Use Azure Policy and Blueprints to enforce compliance across subscriptions and workloads. Provide technical support during audits, ensuring compliance evidence is well-documented. Threat Management Deploy and configure threat detection and response tools such as Azure Sentinel and Microsoft Defender for Cloud. Conduct threat modeling, vulnerability assessments, and penetration testing. Implement and optimize SIEM solutions and integrate them with monitoring tools like Log Analytics and Network Watcher. Governance and Risk Management Establish governance frameworks, including role-based access control (RBAC), resource tagging, and least privilege access. Develop security baselines for Development, Production, and Sandbox environments. Collaborate with stakeholders to identify risks and design mitigating controls for interconnectivity and workloads. Automation and Integration Build Infrastructure as Code (IaC) solutions using Terraform, ARM templates, or Bicep to automate compliance and security controls. Integrate security into DevOps pipelines, enabling secure software delivery (DevSecOps). Automate incident detection and remediation workflows to reduce response times. Collaboration and Leadership Partner with cloud architects, DevOps teams, and cybersecurity professionals to implement secure, scalable solutions. Act as a technical leader, guiding teams to embed security best practices across the system development lifecycle (SDLC). Mentor junior engineers and architects, fostering a security-focused culture.
View More
Apply for this job
Receive alerts for other Azure Cloud Security Architect job openings
Report this Job
