The Server Team from one of our clients is looking for a Cloud Security Specialist who will collaborate with other engineers to develop, implement, and oversee cloud security solutions. This role focuses on ensuring the protection and compliance of our Azure Cloud and future micro service platforms, along with maintaining a secure, resilient cloud infrastructure.
Task and responsibilities
Develop and enforce security policies, including infrastructure-as-code security controls, compliance checks, and monitoring solutions
Conduct regular security assessments, penetration tests, and vulnerability scans in cloud environments
Design and manage role-based access control, network segmentation, and identity management to ensure secure, least-privilege access
Work with DevOps and engineering teams to integrate security best practices into CI/CD pipelines
Monitor cloud resources for security incidents, unauthorized access, and potential threats, and manage the response process
Stay up-to-date on new security threats and Azure security features, adapting the cloud security posture accordingly
Support governance and compliance efforts related to frameworks like GDPR, the Microsoft Cloud Security Benchmark, and internal security policies
Collaborate with the IT security team to ensure compliance with both cloud and corporate security standards
Technical skills
Proven extensive experience with security controls and frameworks, particularly for Microsoft Azure. Azure Security certification is highly desired
Proficiency in using tools like HashiCorp TerraForm, Sentinel, or other policy-as-code frameworks for security enforcement
Expertise in cloud-native security tools, including Azure Security Center, Azure Sentinel, and logging solutions for real-time threat detection
Strong background in network security, including the configuration of Firewalls, load balancers, Vnets, subnets, and routing for secure cloud operations
Hands-on experience with monitoring and compliance tools to enforce security standards across infrastructure (e.g., Azure Monitor, Log Analytics)
Familiarity with DevSecOps practices, including the automation of security checks in CI/CD pipelines
In-depth knowledge of identity and access management, particularly Entra ID configurations and multi-factor authentication
Solid understanding of compliance requirements like GDPR for data protection in cloud environments
Scripting skills (e.g., PowerShell, Python) for automation of security tasks and custom reporting
Non-technical skills
Strong analytical and problem-solving abilities
Excellent planning and organizational skills, with a focus on prioritizing security in cloud operations
Ability to communicate effectively with both technical and non-technical audiences
Ability to work independently with a proactive, hands-on approach to cloud security
Comfortable presenting security policies, risks, and mitigation strategies to management and stakeholders
Fluent in English (knowledge of French, Dutch, and/or German is a plus)