Senior Azure Security Engineer

Job Family:

Travel Required:

Clearance Required:

What You Will Do:

What does a successful Cloud Security Architect do?
In this role, you’ll lead the development of cyber-security architecture within an agile environment, ensuring that technology initiatives align with security frameworks to protect our key government client’s cloud environments. Your responsibilities include strategic planning, architecture design, and implementing robust security controls. As a trusted advisor, you’ll contribute to developing cloud risk management strategies and multi-year implementation programs to address our customer’s Cyber-Security, Cyber Defense, and Business needs. You will be a hands-on security engineer who knows how to runs vulnerability scans and work with DevOps to ensure remedies are implemented.  If you’re passionate about securing cloud infrastructures and making a meaningful impact, we encourage you to apply! 

What you will do as an Azure Government Cloud Security Architect: 
Cloud Security Architect: In this pivotal role, you’ll spearhead the development of cyber-security architecture within an agile environment. Your mission: to fortify our key government client’s cloud environments by seamlessly integrating technology initiatives with robust security frameworks. As a seasoned professional, you’ll be accountable for strategic planning, architecture design, and the implementation of rigorous security controls. Your expertise will guide the development of cloud risk management strategies and multi-year programs, addressing critical Cyber-Security, Cyber Defense, and Business imperatives. If you’re ready to make a lasting impact, join our team!
Design Azure Cloud Security Solutions:

• Lead architecture reviews for decision records.
• Cover IAM (Entra ID/Azure Active Directory), posture management, workload protection, SIEM/SOAR, and application testing.

 Architectural Runway and Collaboration:

• Create infosec requirements for infrastructure and app development.
• Collaborate with agile teams to meet security needs.

Continuous Monitoring and Compliance:

• Monitor cybersecurity policies, compliance artifacts, and systems authorization.
• Map security controls to compliance requirements.

Zero-Trust Implementation:

• Integrate Azure Zero-Trust Architecture into cloud solution design.

Risk Mitigation and Vulnerability Remediation:

• Coordinate risk reduction efforts for applications and infrastructure.

Hybrid Cloud Deployment:

• Deploy FedRAMP High hybrid cloud solutions, integrating on-premises components.

Threat Assessment and Incident Response:

• Assess vulnerabilities and provide incident support.

What You Will Need:

• Microsoft Azure Cloud experience (GovCloud preferred).
• Familiarity with Azure security tools/platforms (e.g., Azure AD, Sentinel, Defender, Monitor, Key Vault).
• Bachelor’s degree in a technology field (Master’s degree preferred).
• 5+ years of cyber-related experience in a commercial environment with Azure, focusing on technical information security and risk management.
• Identity Access and Management concepts (including multifactor authentication and SSO/Federation).
• Privileged Access Management.
• Vulnerability testing for Azure systems.
• Understanding of CI/CD pipelines and software scanning.
• Demonstrated expertise in Information Security and Risk Management across Windows and Linux.
• Familiarity with key domains: 
• Identity, Credential, and Access Management (ICAM).
• Authentication and Authorization (including SSO and Identity Federation).
• Zero-Trust Model.
• Defense-In-Depth.
• Governance and Compliance.
• Data Security.
• Operating System Security.
• Network Layer Protection.
• Continuous Diagnostics and Mitigation, Alerting, Audit Trail, and Incident Response.
• Cloud Core Platform (Compute, Storage, Networking).

What Would Be Nice To Have: 

• INFOSEC Certifications: CISSP, CCSP, CISM.
• Azure/AWS/Google Training and Certification.
• Microsoft Certifications/Exams (recommended): Sc-100 Cybersecurity Architect, Sc-300 Identity and Access Administration, AZ-500 Azure Security Engineer.
• Crowdstrike Falcon EDR for Azure.
• Managing/maintaining FISM.
• Candidate must be a lawful permanent resident (at least 3 consecutive years onshore) or US Citizen. 
• Candidate must be able to pass an extensive background check.
• Proficiency in Microsoft Azure services, including Azure Virtual Machines, Azure Active Directory, Microsoft Defender for Cloud, Azure Key Vault, Microsoft Sentinel, Firewall Manager, Azure Networking, Azure Storage, Microsoft Defender XDR, Microsoft Purview, and other relevant services
• Strong understanding of cloud security concepts, principles, and best practices.
• Knowledge of network security, identity, and access management (IAM), encryption technologies, secure coding practices, and security monitoring, and experience with security assessment tools and techniques, such as vulnerability scanning and security incident response.

What We Offer:

Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.

Benefits include:

• Medical, Rx, Dental & Vision Insurance

• Personal and Family Sick Time & Company Paid Holidays

• Parental Leave

• 401(k) Retirement Plan

• Group Term Life and Travel Assistance

• Voluntary Life and AD&D Insurance

• Health Savings Account, Health Care & Dependent Care Flexible Spending Accounts

• Transit and Parking Commuter Benefits

• Short-Term & Long-Term Disability

• Tuition Reimbursement, Personal Development, Certifications & Learning Opportunities

• Employee Referral Program

• Corporate Sponsored Events & Community Outreach

• Care.com annual membership

• Employee Assistance Program

• Supplemental Benefits via Corestream (Critical Care, Hospital Indemnity, Accident Insurance, Legal Assistance and ID theft protection, etc.)

• Position may be eligible for a discretionary variable incentive bonus

About Guidehouse
Guidehouse is an Equal Employment Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, citizenship status, military status, protected veteran status, religion, creed, physical or mental disability, medical condition, marital status, sex, sexual orientation, gender, gender identity or expression, age, genetic information, or any other basis protected by law, ordinance, or regulation.

Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.

If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at 1-571-633-1711 or via email at RecruitingAccommodation@guidehouse.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.

Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.