Azure Security DevSecOps Engineer

This is Sai Vikas from Tek Leaders. One of our client is looking for Azure Security DevSecOps Engineer @ Remote .

Title: Azure Security DevSecOps Engineer (Only W2 Resources)

Location : Remote

Overview

We are seeking a highly skilled Azure Security DevSecOps Engineer with deep expertise in Microsoft Entra ID (formerly Azure AD) to join our cloud platform engineering team. This role is pivotal in embedding security across the software development lifecycle, ensuring robust identity and access management, and aligning with enterprise-grade security frameworks.

Key Responsibilities:

• Secure Azure Infrastructure: Design, implement, and maintain secure Azure cloud environments using DevSecOps principles and Infrastructure as Code (IaC) via Terraform.
• Identity & Access Management: Architect and manage Entra ID configurations including RBAC, Conditional Access, MFA (hard/soft tokens), SSPR, and Service Principal setups.
• Security Posture Management: Leverage Wiz for vulnerability scanning, compliance monitoring, and cloud security posture management.
• Code Security & Quality: Integrate SonarQube for static code analysis and enforce clean-code practices aligned with ISO/IEC 5055 and OWASP standards.
• CI/CD Integration: Embed security into CI/CD pipelines using tools like GitHub Actions, Azure DevOps, and Sonar scanner CLI.
• Network Security: Secure Azure networking components including NSGs, Azure Firewall, VPNs, and DDoS protection.
• Security Frameworks Compliance: Implement and enforce NIST, CIS, ISO 27001, and Zero Trust principles across cloud workloads.
• Threat Modeling & Risk Analysis: Conduct assessments for Azure-based applications and infrastructure, and respond to incidents using Azure Security Center and Sentinel.
• Automation & Governance: Automate security workflows and contribute to centralized governance initiatives like the SHIELD program.
• Collaboration: Work cross-functionally with development, operations, and cybersecurity teams to drive secure-by-design and shift-left strategies.

Required Skills & Qualifications

• Experience 10+ years in cloud security or DevSecOps roles, with 3+ years focused on Azure.
• Entra ID Expertise: Proven experience with advanced Entra ID configurations, including custom policies in Azure B2C and third-party identity provider integrations.
• Wiz: Hands-on experience with Wiz for cloud security monitoring and compliance.
• Terraform: Strong proficiency in writing and managing IaC for Azure.
• SonarQube: Practical knowledge of SonarQube for code quality and security scanning.
• Scripting: Proficiency in PowerShell and Python for automation and integration.
• Security Frameworks: Familiarity with NIST, CIS, ISO 27001, OWASP, and PCI-DSS.
• Azure Services: Deep knowledge of Azure Security Center, Key Vault, Sentinel, and Azure Monitor.

Preferred Qualifications

• Certifications: Microsoft Certified: Azure Security Engineer Associate, Certified DevSecOps Professional, or equivalent.
• Tools: Experience with Checkmarx, Snyk, Qualys, and container security platforms (e.g., Aqua, Prisma Cloud).
• Container Security: Familiarity with Docker, Kubernetes, and related Azure services.
• Governance: Experience contributing to centralized DevSecOps governance programs like SHIELD.

Thanks & Regards

Sai vikas Vemula

Sr IT recruiter

Email ID:

5151 Headquarters Dr.Suite: 105, Plano, TX 75024