Azure Security & Remediation Specialist

Job Title: Azure Vulnerability & Remediation Architect/Engineer

Role Summary:

We are seeking a highly skilled Azure Vulnerability & Remediation Architect/Engineer to lead vulnerability management and remediation efforts across Azure cloud environments. This role will focus on identifying security gaps, driving remediation strategies, and enhancing the overall security posture of enterprise cloud infrastructure.

Key Responsibilities:

• Design and implement vulnerability management frameworks for Azure cloud environments

• Identify, assess, and prioritize security vulnerabilities across Azure resources (VMs, storage, networking, PaaS services)

• Lead and coordinate remediation efforts, ensuring timely resolution of vulnerabilities and security risks

• Work with cross-functional teams to develop and enforce security best practices and standards

• Utilize tools such as Microsoft Defender for Cloud, Azure Security Center, and vulnerability scanners to monitor and assess risks

• Perform risk assessments, root cause analysis (RCA), and provide actionable remediation plans

• Implement and maintain secure configurations, patch management, and hardening strategies

• Automate remediation processes using PowerShell, Azure CLI, ARM templates, or Terraform

• Ensure compliance with industry standards and frameworks (e.g., NIST, CIS, ISO 27001)

• Monitor and report on security posture, vulnerabilities, and remediation metrics

• Collaborate with DevOps and engineering teams to integrate security into CI/CD pipelines (DevSecOps)

• Support incident response and security investigations related to vulnerabilities

Required Qualifications:

• Strong hands-on experience with Microsoft Azure security and cloud infrastructure

• Proven background in enterprise vulnerability management and remediation

• Expertise in Azure security tools such as Defender for Cloud, Azure Security Center, and Sentinel

• In-depth knowledge of cloud security principles, networking, and identity management (Azure AD)

• Experience implementing infrastructure as code (IaC) using tools like Terraform, Bicep, or ARM templates to ensure secure and compliant deployments

• Solid understanding of vulnerabilities across operating systems, containers, networks, and applications, including familiarity with CVE/CVSS scoring and threat trends

• Experience working within FedRAMP or similar regulated/compliant environments

• Strong experience with patch management, system hardening, and security baselines

• Proficiency in automation and scripting (PowerShell, Azure CLI, Terraform)

• Knowledge of security frameworks and compliance standards (CIS, NIST, ISO, etc.)

• Ability to conduct risk assessments and prioritize remediation efforts effectively

• Strong troubleshooting and root cause analysis skills

• Relevant certifications such as AZ-500, SC-100, AZ-305, CISSP, or comparable credentials are highly desirable

Preferred Qualifications:

• Azure certifications (e.g., Azure Security Engineer Associate, Azure Solutions Architect)

• Experience with DevSecOps practices and CI/CD security integration

• Familiarity with container security (AKS, Docker, Kubernetes)

• Experience with SIEM tools such as Microsoft Sentinel

• Knowledge of multi-cloud environments (AWS, Google Cloud Platform)