The Cloud Security SME serves as a hands-on Azure security expert embedded within the platform operations team, working alongside the NOC team to implement security controls, respond to security incidents, and provide deep technical Azure security expertise. This role bridges the gap between security architecture and operational execution, ensuring that security standards defined by the Security Management Lead are properly implemented across the Azure environment. The position requires extensive hands-on experience with Azure security services, strong incident response capabilities, and the ability to work collaboratively with multiple stakeholders and vendors in a fast-paced operational environment. This is a tactical, execution-focused role that complements the strategic security leadership.

DUTIES & RESPONSIBILITIES

• Implement Azure security controls, policies, and configurations based on security architecture and standards
• Work day-to-day alongside NOC team providing Azure security expertise and hands-on technical support
• Configure and maintain Azure security services including Defender for Cloud, Azure Sentinel, and Azure Monitor
• Respond to daily security alerts, investigate incidents, and perform technical security troubleshooting
• Implement security patches, updates, and vulnerability remediation across Azure infrastructure
• Monitor Azure Policy compliance, identify violations, and coordinate remediation activities with technical teams
• Configure and manage network security groups, access control lists, and Azure firewall rules
• Implement data encryption controls for data at rest and in transit across platform services
• Coordinate security activities between NOC, SOC, Microsoft and other vendors
• Provide technical support during security incidents and assist SOC team with Azure-specific investigations
• Execute security incident response procedures and document findings for review
• Implement identity and access management controls, manage privileged accounts, and review access permissions
• Support smart solution onboarding by implementing security requirements and validating configurations
• Perform daily security monitoring tasks and review security logs for anomalies
• Fill technical capability gaps that Use Case / Service Providers may have in Azure security implementation
• Test and validate security controls, backup encryption, and disaster recovery security measures
• Document security configurations, procedures, SOPs, and technical implementations
• Receive technical direction from Security Management Lead on security implementation priorities
• Support Operations Manager with technical oversight of Tasmu Platform & Use Cases security deliverables

SKILLS & ABILITIES

• Expert-level hands-on experience with Azure security services and cloud security implementation
• Deep technical knowledge of Azure Defender for Cloud, Azure Sentinel, and Azure Monitor configuration
• Strong experience with security incident investigation, response, and forensic analysis in Azure environments
• Proficiency in implementing network security controls, encryption, and access management in Azure
• Hands-on experience with Azure Policy implementation and compliance monitoring
• Strong troubleshooting skills and ability to work under pressure during security incidents and onboarding of Use Cases
• Experience working alongside or with managed service providers and external contractors
• Excellent collaboration skills to coordinate security across multiple vendor teams
• Ability to translate security architecture into technical implementation
• Proficiency in PowerShell and Azure CLI for security automation and configuration
• Strong understanding of security compliance frameworks and data privacy requirements
• Experience with vulnerability assessment tools and security remediation processes
• Ability to document technical security procedures clearly and comprehensively
• Knowledge of SIEM operations and security event analysis

Required Certifications

Industry Security Certifications (minimum 1 required):

• CISSP (Certified Information Systems Security Professional)
• CEH (Certified Ethical Hacker)
• GIAC Security Essentials (GSEC)
• CompTIA Security+ or CASP+

Cloud & Technology Certifications (minimum 1 required):

• Microsoft Certified: Azure Security Engineer Associate (AZ-500) [Mandatory]
• Microsoft Certified: Security Operations Analyst Associate (SC-200)
• Microsoft Certified: Azure Administrator Associate (AZ-104)
• Palo Alto Networks Certified Network Security Administrator (PCNSA)
• Palo Alto Networks Certified Network Security Engineer (PCNSE)

Preferred Additional Certifications

• GIAC Certified Incident Handler (GCIH)
• Microsoft Certified: Azure Solutions Architect Expert (AZ-305)
• Palo Alto Networks Accredited Configuration Engineer (ACE)