Security and Compliance Engineer

Security and Compliance Engineer

Job Summary: Talent Software Services is in search of a Security and Compliance Engineer for a contract position in Redmond, WA. The opportunity will be eight months with a strong chance for a long-term extension.

Primary Responsibilities/Accountabilities:

• Perform in-depth security and risk assessments for services deployed on Azure and Power Platform.
• Document risks in the Risk Register, ensuring accurate linkage to corresponding remediation actions.
• Collaborate with engineering teams to track progress on risk mitigation and ensure closure.
• Provide technical guidance and hands-on remediation support, including dedicated office hours.
• Capture and standardize remediation steps, building reusable guidance for future scenarios.
• Analyze security and compliance datasets using tools like Azure Data Explorer (Kusto) to surface insights and summarize risk impact.
• Leverage automation to streamline risk tracking, compliance validation, and remediation workflows.
• Support and participate in security and compliance campaigns, aligning efforts with corporate and division-wide priorities.
• Track and manage assigned work via Azure DevOps, providing timely updates and clear documentation.
• Typical Task Breakdown and Operating Rhythm
• The role will consist of 15% meetings and 75% focused, independent work.

Qualifications:

• Years of Experience Required: 5 years of experience in the field.
• Degrees or Certifications Required: CISSP certification or equivalent (e.g., SANS GIAC certifications) is required.
• Bachelor's degree in Computer Science, Software Engineering, or a related technical discipline OR 5-7 years of relevant industry experience in security engineering, compliance, or cloud risk management.
• The ideal candidate will have experience with secure code reviews and static/dynamic analysis tools, hands-on experience securing Power Platform, including Canvas Apps and Dataverse, and familiarity with compliance automation frameworks or platforms (e.g., Azure Policy, Purview). The candidate should be able to multitask effectively, have a proactive attitude, and possess a friendly demeanor for stakeholder interactions. Compatibility with work ethics is essential.
• Performance Indicators
• Performance will be assessed based on meeting deadlines and the quality of work.
• Minimum 5 years of experience with automation and coding skills.
• Minimum 5 years of experience with Azure, including familiarity with its security architecture and services.
• Minimum 3 years of experience in security assessments, threat modeling, and risk analysis.
• Minimum 1 year of experience with risk management, with working knowledge of NIST CSF v2 or other relevant control frameworks.