Cloud Security Solutions Architect (Azure Focus)
Position Overview
We are seeking a highly skilled Security Solutions Architect to join our dynamic team. In this role, you will be responsible for designing, implementing, and optimizing comprehensive security architectures that protect our organization’s digital assets, data, and infrastructure, with a strong emphasis on cloud and hybrid environments, particularly Microsoft Azure. You will collaborate with cross-functional teams to assess security needs, recommend solutions, and ensure compliance with industry standards and best practices. The ideal candidate possesses deep expertise in the Microsoft security ecosystem and a proven track record of architecting robust security frameworks in complex, cloud-native environments.
Key Responsibilities
– Design and architect end-to-end security solutions tailored to organizational needs, integrating multiple security tools and platforms within the Microsoft Azure and Microsoft 365 ecosystems.
– Evaluate emerging threats and vulnerabilities, providing strategic recommendations for mitigation using advanced security technologies like Microsoft Sentinel and Defender Threat Intelligence.
– Lead the implementation, configuration, and optimization of cloud-native security systems, ensuring seamless integration with existing IT infrastructure.
– Conduct security assessments, audits, and risk analyses to identify gaps and propose enhancements using tools like Microsoft Defender for Cloud and Wiz.
– Collaborate with stakeholders, including IT, compliance, and business units, to align security strategies with organizational goals.
– Develop and maintain documentation for security architectures, policies, and procedures, including Infrastructure as Code (IaC) templates for security controls.
– Provide technical guidance and mentorship to junior security team members on Azure security best practices.
– Stay abreast of industry trends, regulatory changes, and advancements in cloud security technologies to inform solution designs.
– Troubleshoot and resolve complex security issues, leveraging cloud-native tools to ensure minimal downtime and maximum protection.
Required Qualifications
– Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent professional experience).
– Minimum of 7+ years of experience in cybersecurity, with at least 3 years in a solutions architecture or similar role with a focus on cloud security.
– Proven expertise across the Microsoft Security stack, with deep, hands-on knowledge in several of the following areas:
- Cloud Security and Posture Management (CSPM/CNAPP): Microsoft Defender for Cloud for security posture management and workload protection (CWPP); Wiz for comprehensive cloud-native application protection and risk visibility.
- Security Operations (SecOps) and SIEM/SOAR: Microsoft Sentinel for security information and event management (SIEM), security orchestration, automation, and response (SOAR), and threat hunting using Kusto Query Language (KQL).
- Identity and Access Management: Microsoft Entra ID (formerly Azure AD), including advanced features like Conditional Access, Privileged Identity Management (PIM), and Identity Protection; Azure Key Vault for secrets and certificate management.
- Endpoint and Server Protection (XDR): Microsoft Defender for Endpoint and Microsoft Defender for Servers for extended detection and response (XDR) capabilities and vulnerability management.
- Network and Application Security: Azure Firewall Premium for advanced threat protection, Azure Web Application Firewall (WAF) for application security, and Azure DDoS Protection.
- Data Security and Governance: Microsoft Purview for data classification, information protection, and Data Loss Prevention (DLP).
- Collaboration and Email Security: Microsoft Defender for Office 365 for protection against phishing and malware; Attack Simulation Training for security awareness.
– Strong understanding of security principles, including zero-trust architectures, encryption, and compliance frameworks (e.g., NIST, ISO 27001, GDPR).
– Excellent problem-solving skills, with the ability to analyze complex systems and develop innovative solutions.
– Effective communication skills, both written and verbal, with the ability to present technical concepts to non-technical audiences.
– Relevant certifications such as CISSP, CISM, CCSP, or Microsoft-specific certifications (e.g., SC-100: Microsoft Cybersecurity Architect, AZ-500: Microsoft Azure Security Technologies) are highly desirable.
Preferred Qualifications
– Deep experience with Microsoft Azure security architecture; experience with multi-cloud (AWS, GCP) environments is a significant plus.
– Advanced knowledge of scripting and automation tools (e.g., PowerShell, Python, Azure CLI) and Infrastructure as Code (e.g., Terraform, Bicep) for security operations.
– Proficiency with Kusto Query Language (KQL) for threat hunting and data analysis in Microsoft Sentinel and Defender.