Azure Security Architect

Hybrid in New York, NY, US • Posted 12 hours ago • Updated 10 hours ago
Contract W2
Contract Independent
Contract Corp To Corp
12 Months
No Travel Required
Hybrid
Depends on Experience
Fitment

Dice Job Match Score™

🎯 Assessing qualifications...

Job Details

Skills

  • Hybrid/Local Azure Security Architect (Solutions Architect Expert/15+) with security/scalability/resilience/governance
  • VNets/subnets/NSGs/Firewall/WAF/CLI scripting
  • App Services/VMs/SQL/Key Vault
  • ISO/NIST
  • threat modeling
  • risk/vulnerability assessments
  • DevSecOps/CI/CD
  • PowerShell
  • IAM/Azure Entra ID/RBAC/MFA/PIM
  • Zero Trust
  • GitHub experience
  • Cloud Computing
  • Acceptance Testing
  • Cloud Architecture
  • Cloud Security
  • Collaboration
  • Command-line Interface
  • Communication
  • Computer Networking
  • Continuous Delivery
  • Continuous Integration
  • Data Security
  • DevOps
  • DevSecOps
  • Development Testing
  • Kubernetes
  • Leadership
  • Management
  • Microsoft Azure
  • ISO/IEC 27001:2005
  • Identity Management
  • Knowledge Transfer
  • Documentation
  • Firewall
  • DLP
  • GitHub
  • ISO 9000
  • Multi-factor Authentication
  • Network
  • Network Security
  • Optimization
  • PIM
  • ProVision
  • Provisioning
  • RBAC
  • RTR
  • Regulatory Compliance
  • Risk Assessment
  • SAP GRC
  • SQL
  • Scalability
  • Scripting
  • Security Architecture
  • Auditing
  • Stakeholder Engagement
  • Storage
  • Technical Writing
  • Testing
  • Sustainability
  • Virtual Machines
  • Windows PowerShell
  • WAF

Summary

Job ID: NY-85626Y11)

Hybrid/Local Azure Security Architect (Solutions Architect Expert/15+) with security/scalability/resilience/governance, VNets/subnets/NSGs/Firewall/WAF/CLI scripting, App Services/VMs/SQL/Key Vault, ISO/NIST, threat modeling, risk/vulnerability assessments, DevSecOps/CI/CD, PowerShell, IAM/Azure Entra ID/RBAC/MFA/PIM, Zero Trust, GitHub experience

Location: New York, NY (DEPARTMENT OF CITYWIDE ADMINISTRATIVE SERVICES)
Duration: 12 Months

MANDATORY SKILLS/EXPERIENCE
Note: Candidates who do not have mandatory skills will not be considered.
Extensive experience designing and implementing Azure cloud architecture across enterprise environments
Strong knowledge of Azure Well-Architected Framework and cloud best practices (security, scalability, resilience, governance)
Hands-on experience with Azure networking (VNets, subnets, NSGs, Azure Firewall, WAF, private endpoints)
Experience with Azure infrastructure provisioning (App Services, VMs, Storage, SQL, Key Vault etc.)
Strong expertise in Identity and Access Management (Azure Entra ID, RBAC, MFA, Conditional Access, PIM)
Solid understanding of Zero Trust security architecture and implementation
Experience implementing Azure Policy, governance controls, and security baselines
Knowledge of cloud security, threat modeling, and risk assessment practices
Familiarity with regulatory and compliance frameworks (ISO 27001, NIST, etc.)
Experience with DevSecOps practices and CI/CD security integration
Strong documentation skills (architecture diagrams, runbooks, technical documentation)
Excellent communication, stakeholder engagement, and collaboration skills

DESIRABLE SKILLS/EXPERIENCE:
PowerShell and Azure CLI scripting
Azure cost, GitHub Actions
Cost Management
Azure certifications:
o Azure Administrator Associate
o Azure Solutions Architect Expert

SPECIAL REQUIREMENTS:
Require off-hour support during production cutover or to troubleshoot, resolve critical issues

SCOPE OF SERVICES
The Azure Cloud Specialist will be responsible for designing and implementing a secure, scalable Azure cloud architecture across all environments, including defining subscription structure, resource organization, naming conventions, and tagging standards, as well as producing architecture diagrams aligned with the Azure WellArchitected Framework and organizational requirements. The Consultant will provision and configure core Azure infrastructure components, implement identity and access management (including RBAC, Azure Entra ID, MFA, Conditional Access, and PIM), and apply Zero Trust security principles in alignment with DCAS and OTI Cyber GRC standards. In addition, the Consultant will design and enforce cloud security controls, support governance and compliance activities (including Azure Policy, ISO 27001, and NIST alignment), perform risk and vulnerability assessments, integrate security into DevSecOps practices, and develop operational documentation and conduct knowledge transfer to ensure sustainable operations.

Description:
Azure Cloud Administration Specialist
The Azure Cloud Administration Specialist will design and architect solutions to implement a secure, scalable, and production-ready Azure cloud environment spanning multiple environments, including Development, QA, UAT, Staging, and Production. The role will support structured development, automated deployment using Azure DevOps and/or GitHub, testing, and secure application releases.

The solution will be built in alignment with the Azure Well-Architected Framework, ensuring strong governance, security, performance, cost optimization, and seamless integration across cloud and on-premises systems. The Azure Cloud Specialist will provide architectural leadership and hands-on expertise across design, implementation, and operational readiness.

Engaging experienced specialists will help reduce delivery risk, accelerate implementation timelines, ensure regulatory and organizational compliance, and provide long-term sustainability and operational stability of the cloud environment.

RESPONSIBILITIES:
Azure Architecture & Design
Design end-to-end Azure architecture across all environments.
Define subscription structure, resource groups, naming conventions, and tagging standards.
Design secure network topology (VNets, subnets, NSGs).
Produce architecture diagrams for stakeholder approval.
Ensure alignment with Azure Well-Architected Framework and best practices for security, scalability, resilience, and governance.

Infrastructure Provisioning
Provision and configure Azure resources (VNets, App Services, VMs, SQL, Storage, Key Vault).
Implement RBAC, Azure Policies, and governance controls.
Ensure environment readiness for Dev, Test, UAT, and Production.
Azure Kubernetes Service (AKS) provisioning and support
Validate connectivity and infrastructure configuration.
Apply Zero Trust principles aligned with DCAS and OTI Cyber GRC standards.

Security Architecture
Define Azure security strategy and secure cloud architecture.
Implement network security (NSGs, Firewall/WAF, private endpoints).
Conduct threat modeling, risk assessments, and security validation.
Ensure compliance with security and regulatory standards.

Identity & Access Management (IAM)
Configure Azure Entra ID integration and identity management.
Implement RBAC, MFA, Conditional Access, and PIM.
Manage Azure Key Vault and secrets protection.
Support data protection, classification, and DLP controls.
Coordinate with GRC teams for compliance.

Governance, Risk & Compliance
Implement Azure policies and security baselines.
Ensure compliance with ISO 27001, NIST, and related frameworks.
Conduct audits, vulnerability assessments, and remediation tracking.

DevSecOps & Documentation
Integrate security into CI/CD pipelines and perform security reviews.
Provide architecture guidance to engineering teams.
Develop runbooks, operational documentation, and architecture diagrams.
Conduct knowledge transfer to internal teams.
The consultant will ensure the applications are securely deployed, reliably operated, and scalable enough to handle public use while meeting strict government security and performance requirements.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: 10456060
  • Position Id: NY-85626Y0802
  • Posted 12 hours ago
Contact the job poster
Sunny Singh

Sunny Singh

Recruiter @ Innosoul inc
Create job alert
Set job alertNever miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

Hybrid in New York, New York

Today

Easy Apply

Third Party, Contract

Depends on Experience

New York, New York

Today

Easy Apply

Contract

Remote or Hybrid in New York, New York

Today

Easy Apply

Contract, Third Party

Depends on Experience

New York, New York

Today

Easy Apply

Full-time, Part-time, Third Party, Contract

USD 70-80

Search all similar jobs