Senior Azure Cloud Security Architect - Cape Town, South Africa - SUMMIT Africa Recruitment
Description
and Devops practices that meet strict regulatory security and compliancerequirements.
Responsibilities
- Work in collaboration with Devops and Cloud Engineers toward a DevSecOps practice that conforms to Security
- Guide business operations teams including Finance, HR, Marketing and Customer Sales around security and compliance requirements
- Manage security product assessments and budgeting
- Manage 3rd Party vendor and product vetting assessments
- Manage regular internal audits and external pen testing projects
- Represent security and compliance matters in client request for proposals
- Manage Azure Policy and Blueprints to detect, alert and remediate controls that are non compliant to required regulatory standards
- Expert use of runbooks, flows, playbooks and/or logic apps to automatically remediate resources and controls that do not meet security or compliance baselines
- Clear Security documentation and diagrams should be standard protocol
- Build automation and orchestration of Security infrastructure
- Lead security and quality code scanning and remediation at the code promotion gates
- Continually improve Azure Sentinel SOC/SIEM service with accurate rules and playbooks
- Work with SRE Team to ensure accurate security event detection and response workflows
- Lead security and privacy training campaigns
- Administer SAST, SCA, and DAST platforms with a focus on providing fast feedback to developers
- Administer a Security Bot with context of Evil User Stories, Security User Stories, and Privacy User Stories that efficiently inform and equip Developers with Threat Modelling at the Sprint planning stage
- Identify points of weakness and technical vulnerabilities, and devise solutions to these problems
- Perform internal Pen Tests and Web Application Testing
- Own Governance, Risk and Compliance
- Translating the regulatory requirements and security framework requirements into business speak and direction, and then into technical requirements with implementation bestpractice guidance.
Requirements:
- You only adhere to repeatable and declarative deployment and configuration as part of Infrastructure as Code
- Passion for security, automation, performance, and reliability
- 10+ years of experience in Information Security
- 3+ years proven Microsoft Azure Cloud security experience
- 3+ years of experience with Microsoft Cybersecurity tools, including Azure Sentinel, Defender ATP, Cloud App Security, Data Classification, Data Loss Protection, Information Protection, M365 Compliance and M365 Protection
- JSON, Kusto Query Language (KQL) and Powershell experience
- Experience With Microsoft automation services like Logic Apps, Power Automate, Flow and Runbooks
- Terraform Cloud with Azure Provider experience to deploy Infrastructure and Governance as Code
- Experience with Docker and Kubernetes
- Proven experience with Azure Devops CI/CD
- Strong experience with Azure Kubernetes Container Security and API Security
- Experience in security testing with knowledge of security fundamentals and exploitation techniques
Qualifications
- Azure Certified Administrator Associate (AZ104)
- Azure Security Technologies (AZ500)?
- CISSP?(Certified Information Systems Security Professional)
Other relevant Certifications
- Certified Kubernetes Administrator (CKA)
- AWS Security Certifications
- Offensive Security Certifications
More jobs from SUMMIT Africa Recruitment
-
Product Marketing Manager
Johannesburg, South Africa - 1 week ago
-
Functional Analyst
Brackenfell, South Africa - 1 week ago
-
Ict Support Technician
Cape Town, South Africa - 6 days ago
-
Service Desk Consultant
Cape Town, South Africa - 1 week ago
-
Head of Technology
Cape Town, South Africa - 2 days ago
-
Product and Client Manager
Johannesburg, South Africa - 2 days ago