Azure Cloud Cybersecurity Administrator

What success looks like in this role:

1. Cloud Security Architecture Review

• Review and evaluate secure architectures for IaaS, PaaS, and SaaS environments across AWS, Azure, and/or GCP.
• Evaluate and recommend security technologies, controls, and frameworks aligned with cloud-native environments.
• Participate in solution design reviews to ensure cloud security best practices are embedded in system architectures.

2. Security Operations & Threat Management

• Configure and manage cloud-native security services (e.g., Microsoft Defender for Cloud, AWS Security Hub, GCP SCC).
• Monitor cloud environments for threats, misconfigurations, and vulnerabilities.
• Perform threat modeling, risk assessments, and incident response in coordination with the SOC.

3. Identity & Access Management (IAM)

• Define and enforce least-privilege access models using role-based access control (RBAC), attribute-based access control (ABAC), and policy-as-code (e.g., Azure Policy, AWS SCPs).
• Ensure secure integration with Identity Providers (IdPs) and MFA enforcement.
• Audit permissions and perform access reviews regularly.

4. Compliance & Governance

• Implement and monitor controls to support compliance with frameworks such as ISO 27001, SOC 2, NIST, CIS, HIPAA, or PCI-DSS.
• Automate compliance checks using tools like Azure Policy, AWS Config, and custom scripts.
• Prepare documentation and evidence for audits and risk assessments.

5. Automation & Infrastructure as Code (IaC)

• Integrate security into CI/CD pipelines and DevOps workflows.
• Write and review secure IaC templates (e.g., Terraform, Bicep, CloudFormation).
• Implement automated security testing (SAST/DAST) and vulnerability scanning pipelines.

6. Security Awareness & Collaboration

• Provide security guidance to development, infrastructure, and DevOps teams.
• Develop and deliver training or documentation on secure cloud usage and DevSecOps principles.
• Participate in internal security committees and cloud governance boards.

7. Continuous Improvement & Research

• Stay up to date with emerging threats, vulnerabilities, and cloud platform changes.
• Lead security POCs and evaluate new cloud security tools and techniques.
• Recommend improvements to existing security policies and standards.

You will be successful in this role if you have:

1. Education & Experience

• Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field.
• 5–8+ years of experience in cybersecurity, with at least 3 years focused specifically on cloud security.
• Proven experience securing cloud platforms such as Microsoft Azure, Amazon Web Services (AWS), or Google Cloud Platform (GCP). Microsoft Defender for Cloud.

2. Technical Skills

• Strong understanding of cloud security principles and architectures (shared responsibility model, Zero Trust, etc.).
• Hands-on experience with cloud-native security tools (e.g., Microsoft Defender for Cloud, AWS GuardDuty, GCP SCC).
• Proficient in Infrastructure as Code (IaC) tools: Terraform, ARM/Bicep, CloudFormation.
• Experience integrating security into CI/CD pipelines and DevSecOps workflows.
• Knowledge of network security, container security (e.g., Kubernetes, AKS, EKS), API security, and data protection in the cloud.
• Familiarity with SIEM and security monitoring tools (e.g., Sentinel, Splunk, Elastic, CloudTrail, CloudWatch).

3. Identity & Access Management

• Deep knowledge of RBAC, ABAC, OAuth2, OIDC, SAML, and MFA implementations in cloud environments.
• Experience managing federated identity systems and Privileged Access Management (PAM).

4. Compliance & Risk

• Working knowledge of compliance standards and security frameworks: ISO 27001, NIST 800-53, SOC 2, CIS Benchmarks, GDPR, HIPAA, or PCI-DSS.
• Ability to translate technical risks into business impacts and recommend mitigations.

5. Certifications (Preferred)

• One or more of the following:
• CCSP – Certified Cloud Security Professional
• CISSP – Certified Information Systems Security Professional
• Microsoft Certified: Azure Security Engineer Associate
• AWS Certified Security – Specialty
• Google Professional Cloud Security Engineer
• CISM, CEH, or equivalent
• Microsoft Azure AZ-104

6. Soft Skills

• Strong communication and stakeholder management skills.
• Ability to lead security discussions with technical and non-technical audiences.
• Analytical and problem-solving mindset with attention to detail.
• Ability to work independently, lead projects, and mentor junior engineers.