Azure Cloud Security Architect - Newark, United States - Guidehouse

    Guidehouse
    Guidehouse Newark, United States

    3 weeks ago

    Guidehouse background
    Description

    What You Will Do

    The Cloud Security Architect is responsible for leading the development of cyber-security architecture in an agile environment, ensuring technology initiatives are implemented within the framework to secure one of our key government client's cloud environments. The right candidate will be accountable for strategic planning, architecture, and securing enterprise information by identifying network and application security requirements, implementing and testing security controls and procedures.

    The primary areas of focus for the Cloud Security Architect is to advise in developing Cloud risk management strategies and multi-year implementation and remediation programs based on business priorities and risks to address Cyber-Security, Cyber Defense and Business needs of our customer.

    • Design security solutions for Azure cloud environments including leading architecture reviews for decision records.
    • Knowledge areas include IAM with Entra ID/Azure Active Directory, posture management, workload protection, SIEM/SOAR, application software testing.
    • Build architectural runway for infosec requirements for both infrastructure and application development teams.
    • Collaborate with agile teams to ensure security requirements are met.
    • Analyze and continuously monitor cybersecurity and privacy policies, processes and compliance artifacts, systems authorization, and management in a cloud environment.
    • Analyze and map existing security controls and safeguards to compliance requirements for a cloud environment.
    • Conduct architecture reviews and security impact assessments for technology and software development initiatives.
    • Assist in the implementation a Azure Zero-Trust Architecture as a core part of all design and development of the cloud solution.
    • Coordinate application and infrastructure risk mitigation and vulnerability remediation activities.
    • Assist in the design, development, implementation, and deployment of a hybrid cloud solution in a FedRAMP High environment involving integration of hybrid cloud solutions with on-premises components and systems.
    • Assess vulnerabilities and attacker tactics, techniques, and procedures (TTP) and provide incident response support to locate and prevent threats.

    What You Will Need

    • Bachelor's degree required
    • 5+ years cyber related experience in a commercial environment with Azure, in a technical information security and risk management role.
    • 5+ Firsthand working with the various Azure security tools/platforms such as Azure AD, Sentinel, Defender, Monitor, Key Vault, or similar in other platforms.
    • 5+ years managing security policies and initiatives in Azure.
    • Identity Access and Management concepts, multifactor authentication, SSO/Federation
    • Privileged Access Management key concepts
    • Ability to set up and configure the Azure security platforms, and function as an overall lead managing end to end security on the Azure Cloud regions.
    • Vulnerability testing as it relates to Azure systems.
    • Security concepts & tools related to CI/CD pipelines, and software scanning.
    • Demonstrable understanding of Information Security and Risk Management capabilities related to cloud computing across Windows and Linux

    What Would Be Nice To Have

    • Master degree
    • INFOSEC Certifications: CISSP, CCSP, CISM
    • Azure/AWS/Google Training and Certification
    • Microsoft Certifications/Exams a recommended: Sc-100 Cybersecurity Architect; Sc-300 Identity and Access Administration; AZ-500 Azure Security Engineer
    • Crowdstrike Falcon EDR for Azure
    • Managing/maintaining FISMA compliance for a government information system in accordance with requirements from NIST.
    • Demonstrated experience collaborating directly with external clients, business leadership, and auditors.
    • Direct technical background, to include familiarity with servers, network devices, and security systems.
    • Experience working as system or portfolio architect on agile release trains.
    • Working knowledge of current NIST for Azure and FedRAMP High for Azure, Azure CIS Benchmark compliance
    • Working knowledge of Azure CAF and Terraform
    • OpenText Fortify experience a plus.