Cloud Security Architect - Azure / AWS

Cloud Security Architect with strong Microsoft Azure experience to a team within the energy industry.

You will be responsible for designing and implementing robust security solutions for their organisation's infrastructure and application development in the Microsoft Azure environment. You will play a critical role in ensuring the confidentiality, integrity, and availability of their systems, as well as protecting their data and information assets.

Key responsibilities:

* Develop and implement comprehensive security architectures and frameworks for Microsoft Azure-based solutions, ensuring adherence to industry standards and best practices.

* Collaborate with cross-functional teams, including developers, infrastructure and 3rd parties, to design and deploy secure Azure infrastructure and services.

* Conduct security assessments and audits of Azure environments, identifying vulnerabilities, recommending remediation strategies and proposing security enhancements.

* Design and configure Azure security services, including Azure Active Directory, Azure Security Centre, Azure Key Vault, Azure Monitor, Azure Sentinel, and Azure Firewall, to provide effective security controls.

* Develop Azure security policies, standards, and guidelines, ensuring alignment with organisational security requirements and compliance regulations.

* Advise on security incident response activities, including investigation, containment, and recovery.

* Provide guidance and mentoring to junior team members, promoting a culture of continuous learning and improvement.

* Collaborate with external vendors and partners to evaluate and implement third-party security solutions for Azure-based services where appropriate.

Skills and Experience required:

* Proven experience as a Security Architect, with a focus on securing infrastructure and application development in Microsoft Azure.

* Deep knowledge of Azure services, architecture, and security features, including Azure Resource Manager, Azure Virtual Networks, Azure Storage, Azure App Services, Azure Functions, and Azure Kubernetes Service (AKS).

* Strong understanding of security principles, best practices, and frameworks, such as NIST Cybersecurity Framework, ISO 27001, CIS Benchmarks, Cyber Essentials and OWASP.

* Experience in designing and implementing security controls for Azure-based solutions, including identity and access management, network security, data protection, and threat detection.

* Proficiency in scripting and automation using PowerShell, Azure CLI, or similar technologies.

* Familiarity with industry-leading security tools and technologies, such as SIEM, IDS/IPS, WAF, DLP, and vulnerability scanning tools.

* Excellent analytical and problem-solving skills, with the ability to assess complex security risks and recommend effective mitigation strategies.

* Strong communication and interpersonal skills, with the ability to articulate technical concepts to non-technical stakeholders.

* Demonstrated ability to work effectively in a collaborative team environment and manage multiple priorities.

* Microsoft certifications in relevant areas, such as Microsoft Certified: Azure Security Engineer Associate, Microsoft Certified: Azure Solutions Architect Expert, or Microsoft Certified: Azure DevOps Engineer Expert (desirable)