Responsibilities
- Lead secure design workshops with customers, incorporating security and compliance requirements
- Design Azure architectures with security and hardening as foundational principles
- Implement Azure landing zones aligned with governance, identity, and security best practices
- Define and document security controls, guardrails, and baseline configurations
- Ensure designs align with customer regulatory and risk requirements (e.g., financial services, healthcare, government)
- Build and configure Azure environments with a strong emphasis on identity and access management
- Build and configure Azure environments with a strong emphasis on network segmentation and perimeter security
- Build and configure Azure environments with a strong emphasis on secure connectivity (VPN, ExpressRoute)
- Implement environment hardening for Azure resources and virtual machines
- Apply security baselines, policies, and configuration standards
- Support secure migrations and modernization of workloads into Azure
- Validate environments through testing, review, and remediation of security gaps
- Implement and manage Azure governance controls (management groups, policies)
- Configure and integrate Azure security and monitoring services
- Support customer security reviews, audits, and risk assessments
- Act as the technical security escalation point within assigned engagements
- Partner with customer security teams to ensure ongoing compliance and risk management
- Serve as the senior technical lead for Azure delivery within the engagement
- Mentor and guide other consultants on secure Azure design and implementation
- Conduct peer reviews of designs and configurations with a security lens
- Contribute to internal standards, patterns, and reusable security assets
Requirements
- 7+ years of experience in infrastructure, cloud, or security-focused engineering roles
- 3+ years of hands-on experience designing and delivering Microsoft Azure solutions
- Demonstrated experience securing and hardening enterprise cloud environments
- Prior experience in consulting, professional services, or customer-facing delivery roles
- Microsoft Azure Solutions Architect Expert (Certification)
- Azure networking (VNets, VPN, ExpressRoute, peering, gateways)
- Azure identity and access management (Azure AD, hybrid identity)
- Azure security architecture and auditing
- Azure tenant and subscription governance (management groups, policies)
- Azure Site Recovery (ASR) for secure migration and DR
- Infrastructure as Code using ARM templates (JSON)
- Automation and scripting using PowerShell
- Strong written and verbal communication skills
- Experience presenting security and technical concepts to customer stakeholders
- Strong stakeholder management and risk-awareness
- Self-directed, detail-oriented, and delivery-focused
Nice to Have
- Azure DevOps and CI/CD with security controls
- Secure application modernization (PaaS / serverless)
- Containers and Kubernetes (AKS) with security best practices
- Azure database security and encryption
- Experience with cloud security platforms (e.g., Palo Alto, Barracuda)
- Experience supporting regulated industries (financial services, healthcare, SLED)
- Microsoft Azure Security Engineer Associate (Strongly Preferred)
- Microsoft Azure DevOps Engineer Expert (Preferred)
Benefits
- Unlimited Paid Days Off
- Three health plan options
- 401k with company match
- Eligibility for dental, vision, short and long-term disability, life and AD&D coverage, and flexible spending accounts
- Family Forming Benefit including fertility coverage and adoption/surrogacy reimbursement
- Paid childbearing and paternal leave
- Education Reimbursement, Student Loan Assistance or 529 College Funding
- Sabbatical leave
- Wellness program
- Flexible work schedule
- Annual bonus plan based on company and individual performance
- Equity grant under Associate Equity Appreciation Program