Senior Azure Cloud Security Architect - Cape Town, South Africa - SUMMIT Africa Recruitment

SUMMIT Africa Recruitment

Verified Company

Cape Town, South Africa

1 week ago

Posted by:

Thabo Mthembu

beBee Recruiter

Description

and Devops practices that meet strict regulatory security and compliance

requirements.

Responsibilities

Work in collaboration with Devops and Cloud Engineers toward a DevSecOps practice that conforms to Security

- and Privacy by Design principles

Guide business operations teams including Finance, HR, Marketing and Customer Sales around security and compliance requirements
Manage security product assessments and budgeting
Manage 3rd Party vendor and product vetting assessments
Manage regular internal audits and external pen testing projects
Represent security and compliance matters in client request for proposals
Manage Azure Policy and Blueprints to detect, alert and remediate controls that are non compliant to required regulatory standards
Expert use of runbooks, flows, playbooks and/or logic apps to automatically remediate resources and controls that do not meet security or compliance baselines
Clear Security documentation and diagrams should be standard protocol
Build automation and orchestration of Security infrastructure
Lead security and quality code scanning and remediation at the code promotion gates
Continually improve Azure Sentinel SOC/SIEM service with accurate rules and playbooks
Work with SRE Team to ensure accurate security event detection and response workflows
Lead security and privacy training campaigns
Administer SAST, SCA, and DAST platforms with a focus on providing fast feedback to developers
Administer a Security Bot with context of Evil User Stories, Security User Stories, and Privacy User Stories that efficiently inform and equip Developers with Threat Modelling at the Sprint planning stage
Identify points of weakness and technical vulnerabilities, and devise solutions to these problems
Perform internal Pen Tests and Web Application Testing
Own Governance, Risk and Compliance
Translating the regulatory requirements and security framework requirements into business speak and direction, and then into technical requirements with implementation bestpractice guidance.

Requirements:

You only adhere to repeatable and declarative deployment and configuration as part of Infrastructure as Code
Passion for security, automation, performance, and reliability
10+ years of experience in Information Security
3+ years proven Microsoft Azure Cloud security experience
3+ years of experience with Microsoft Cybersecurity tools, including Azure Sentinel, Defender ATP, Cloud App Security, Data Classification, Data Loss Protection, Information Protection, M365 Compliance and M365 Protection
JSON, Kusto Query Language (KQL) and Powershell experience
Experience With Microsoft automation services like Logic Apps, Power Automate, Flow and Runbooks
Terraform Cloud with Azure Provider experience to deploy Infrastructure and Governance as Code
Experience with Docker and Kubernetes
Proven experience with Azure Devops CI/CD
Strong experience with Azure Kubernetes Container Security and API Security
Experience in security testing with knowledge of security fundamentals and exploitation techniques

Qualifications