Enhancing the security posture and compliance readiness of cloud-based services built on Azure and Power Platform.
Requirements
- CISSP or equivalent (e.g., SANS GIAC certifications)
- 5+ years of hands-on experience with Microsoft Azure, including a strong grasp of its security architecture and services
- Minimum 3 years of experience in security assessments, threat modeling, and risk analysis
- At least 1 year of experience with risk frameworks such as NIST CSF v2 or similar
- Experience using Azure Data Explorer (Kusto) to analyze security and compliance data
- Familiarity with automation tools such as PowerShell, Azure Logic Apps, or CI/CD pipelines to support compliance workflows
- Experience conducting secure code reviews and using static/dynamic analysis tools (preferred)
Responsibilities
- Conduct comprehensive security and risk assessments for cloud-based services hosted in Azure and Power Platform.
- Document identified risks in a centralized risk register, ensuring clear linkage to mitigation plans and actions.
- Work closely with engineering teams to support and monitor remediation efforts, offering technical guidance and maintaining momentum toward resolution.
- Analyze security and compliance telemetry using Azure Data Explorer (Kusto) to identify patterns, track impact, and influence mitigation priorities.
- Leverage automation tools to streamline risk tracking, compliance validation, and remediation workflows.
- Contribute to security and compliance initiatives and campaigns that align with broader organizational goals.
- Track and manage work in Azure DevOps, ensuring tasks are clearly documented and progress is consistently communicated.
Other
- Strong stakeholder engagement and documentation skills, with the ability to translate technical findings into clear action plans
- Bachelor's degree (not explicitly mentioned but implied)
- Remote work, ideally in the Greater Seattle, WA area