Azure Security Consultant

Compri Consulting is searching for a Microsoft Azure Security Assessment Consultant for a 3+ month contract position. Consultant will be working to conduct a comprehensive security assessment of our Microsoft Azure environment, identifying security gaps, and providing actionable recommendations to enhance the overall security posture, governance, and compliance.

Responsibilities

• Evaluate and review Azure cloud architecture to identify potential security design flaws.
• Assess alignment with Microsoft's Cloud Adoption Framework, NIST CSF, and Zero Trust principles
• Recommend Azure Security Policies
• Recommend security baselines and Azure Policy definitions for security hardening.
• Identify and suggest policy initiatives (built-in and custom).
• Design Crowdstrike Cloud Sensors/Connectors: Assist with architecture and deployment planning for CrowdStrike sensors or connectors to enable real-time visibility and protection of cloud workloads, containers, and other Azure systems.
• Validate the Azure and Defender Ecosystem: Ensure CrowdStrike integrates effectively with Azure native tools such as Microsoft Defender for Cloud and Sentinel for event correlation, alerting, and incident response.
• Review Firewall Rules and NSGs
• Analyze Firewall and Network Security Group (NSG) configurations
• Identify overly permissive rules or potential misconfigurations.
• Recommend remediation and segmentation improvements
• Role-Based Access Control (RBAC
• Evaluate existing RBAC assignments for "least privilege" adherence
• Identify use of overly broad role assignments.
• Privileged Identity Management (PIM)
• Review implementation of Azure AD PIM.
• Validate configuration of just-in-time (JIT) access and approval workflows.
• Ensure administrative access is limited and monitored.
• Review Remote Access Methods: Assess all methods used to access Azure and connected resources remotely (e.g., VPN, Bastion, Just-in-Time VM access, remote desktop protocols, Azure Arc).
• Confirm remote access events are being logged, retained, and monitored within Sentinel or other SIEM tools. Validate alerting for unusual access behavior.

Experience

• 5+years of hands-on Azure experience (admin, engineering, architecture, or security)