Blueprint helps organizations unlock value from existing assets by leveraging cutting-edge technology to create additional revenue streams and new lines of business. We connect strategy, business solutions, products, and services to transform and grow companies. In this role, you will play a critical role in supporting and enhancing the security posture and compliance readiness of cloud-based services hosted in Azure and Power Platform.
Requirements
- Minimum 5+ years of hands-on experience with Azure, including deep understanding of its security architecture and services.
- Minimum 3+ years of experience in performing security assessments, threat modeling, and risk analysis.
- Minimum 1+ year of experience in risk management with working knowledge of NIST CSF v2 or equivalent control frameworks.
- Strong understanding of web application security principles, threat vectors, and mitigation strategies.
- Proficiency in using Azure Data Explorer (Kusto) to analyze telemetry data.
- Experience with scripting and automation tools such as PowerShell, Azure Logic Apps, or CI/CD integration.
- Experience with secure code reviews and use of static/dynamic analysis tools.
Responsibilities
- Conduct in-depth security and risk assessments for services deployed on Azure and Power Platform.
- Document identified risks in the Risk Register, ensuring proper linkage to remediation actions.
- Partner with engineering teams to track and verify risk mitigation activities until closure.
- Provide hands-on remediation support and technical guidance during dedicated office hours.
- Standardize and document remediation steps to build reusable guidance for future scenarios.
- Analyze security and compliance datasets using Azure Data Explorer (Kusto) to extract insights and assess risk impact.
- Automate and streamline compliance validation, risk tracking, and remediation workflows.
Other
- Certification: CISSP or equivalent (e.g., SANS GIAC certifications) – mandatory.
- Demonstrated experience supporting security and compliance initiatives across multiple teams.
- Excellent communication, collaboration, and analytical abilities.
- Experience with secure code reviews and use of static/dynamic analysis tools.
- Demonstrated ability to multi-task effectively and manage stakeholder relationships with professionalism and a proactive mindset.
