• Location: Atlanta, Georgia
  • Date Posted: 5th Mar, 2021
  • Reference: srnfi03052021

Senior Azure Security Architect - Permanent - Remote - $190k

This Partner Client is currently seeking an experienced Cloud Security Architect with extensive Azure knowledge to join our team of expert technical and management consultants.


  • Cloud Infra security and Compliance assessments

o AWS, GCP, Azure

o CIS Benchmarks, etc.

o NIST 800-53, PCI, ISO27002

  • Cloud Security Program consulting, helping customers:

o justify creating a cloud security program,

o stand up a cloud security program from scratch,

o review customer's existing Cloud Security Programs,

o review customer's existing corporate policies to prepare them for Cloud initiatives: data classification, data protection, etc.

Security Architecture reviews for Cloud-based applications, covering:

o Infrastructure Security

  • CIS Benchmarks, etc.

o Data Protection

  • encrypt data at rest using Cloud Service Provider-provided keys vs. customer-managed keys

  • encrypt data in transit using the latest TLS

o Key Management

  • What secrets are in use in the app; how are they handled? Secrets Manager, HSM, written to a file?

o Web Application Security

  • OWASP top 10 is key

o Cyber Security: Attack Scenarios/kill chain, threat actors and controls

o Secure SDLC Methodologies

o Threat Modelling

  • STRIDE, PASTA, KillChain

o Vulnerability Assessments

  • AlertLogic, Nessus, Qualys, etc.

  • Implementing security controls in the cloud, including:

o Security Groups, NACLs

o IAM Policies

o Web App Firewalls

o Logging and Monitoring, etc.

  • Working in a DevSecOps program, including:

o Adding security controls to the CI/CD pipelines

o Providing security guidance to the Pipeline DevOps team

o Compliance automation

o Assist the team with mapping compliance checks, writing compliance rules, and enhancing base compliance rules (as an example, adding content on top of CIS Benchmarks)

Information Security Requirements:

  • 10+ years in the Information Security space.

  • Proven experience in design, implementation and operation of large-scale security architecture solutions in a large and complex multi-supplier / multi-platform environment.

  • Proven understanding of operational integration of security functions

  • Strong experience with security technologies, including Firewalls, DLP, web filtering, NAC, IDS/IPS, SSO, IAM, Certificate Management, SIEM, Endpoint Protection, Anti-malware, vulnerability management.

  • Security Domain Coverage Required

  • Cloud/SaaS Security experience

  • Infrastructure Security experience

  • Key Management experience

  • Web Application Security experience

  • Cyber Security: Attack Scenarios/kill chain, threat actors and controls

  • Secure SDLC Methodologies

  • Threat Modelling experience

  • Vulnerability Assessments experience

  • Information Security Governance experience

  • Proven ability in security process and organizational design

  • Well-rounded background in host, network, database, and application security.

  • Experience implementing security controls in a self-service environment.

Cloud Requirements

  • Direct experience with Azure.

Programming Requirements

  • Basic understanding of Python language

  • Node.js

Architecture Requirements

  • Formal training in and experience using an enterprise architecture methodology (for example TOGAF)

  • Information Security Architecture Experience within other Enterprise organizations

General Skills

  • Strong oral, written, and presentation abilities with technical and executive presentation experience.

  • Current understanding of Industry trends and emerging threats.

Typical Engagement Responsibilities

  • Architect cloud security solutions

  • Understand and articulate security requirements to other cloud architects so they can produce compliant designs

  • Perform hands-on proofs of concept for security-related technologies

  • Script and interact with cloud resource provider models

  • Design and author documents including security policies, standards, and procedures

  • Contribute to Cloud Policy documents addressing governance, security and compliance

  • Perform application security risk assessments, gap analysis and remediation plans

  • Lead creation of framework-based system security plans for NIST 800-53, FedRAMP, PCI-DSS

  • Organize preparations for PCI-DSS system compliance audits

  • Specify and code policy-as-code compliance rules to achieve control requirements

  • Understand cryptography and specify appropriate cryptographic configurations to meet requirements

  • Participate in assessment of on-prem applications for cloud migration

Benefits & Perks

  • Health coverage for you and your family through medical, dental and vision plans

  • Financial protection through disability, life, accidental death & dismemberment, and business travel insurance

  • 401(k) plan with company match

  • FSA & HSA accounts to help you set aside pre-tax dollars for your healthcare needs

  • To help manage your work-life needs, we offer an employee assistance program, professional certification reimbursement, subsidized gym participation reimbursement, financial and wellness seminars

  • Long-term care insurance

  • Generous paid time off program

  • Enjoy our monthly employee social events

  • Public speaking opportunities at the company or local events

If this role is of interest, please contact Shannon today at s.roberts@nigelfrank.com