Logo
Lorven Technologies

Azure Security Architect- Contract Position- NYC, Remote

Lorven Technologies, New York, NY, United States


Role: Azure Security Architect

Who are we looking for?

The Azure Security Architect is responsible for ensuring that the design and security of Azure IaaS/PaaS/SaaS, Hybrid infrastructure and applications meets company's, legal and regulatory security, and compliance standards. They will be required to engage with internal and external stakeholders at all levels of seniority to securely achieve the goals of the company's security organization and business.

P Position Summary Hands-on Working knowledge of Azure-native technology stack like Azure AD, Defender for cloud (CSPM) & Identity, PIM, Conditional Access, Defender for Identity, AIP, Azure Log Analytics, Azure Monitoring, Azure Key Vault,
  • Hands-on Working knowledge of Microsoft 365 security suite (Defender for Endpoint, Information Protection, Purview, DLP, EOP, Intune (MDM/MAM) and Defender for cloud Apps).
  • Experience in designing, implementing, and delivering security for cloud native, distributed computing and architectural solutions with a principle of "Secure by Design".
  • Identify and deliver appropriate controls based on industry standards to drive Azure cloud and customer security solutions framework based on business risk and cloud native threats
  • Design, develop and implement security architectures and designs for Azure cloud and cloud/hybrid-based systems with a minimal degree of risk to the organization
  • Collaborate with Business and IT Operations personnel to implement group level security plans, policies, and procedures.
  • Expertise in performing Vulnerability Management, Threat Modelling, generating security architectural requirements to SDLC and product teams.
  • Experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (SDLC) (Application Security), data protection, cryptography, key management, identity and access management (IAM), network security) within SaaS, IaaS, PaaS, and other Azure cloud environments
  • Hands-on Working knowledge of Azure-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc) and experience with IAM, MFA, PIM/PAM, SSO for cloud and custom IDPs
  • Experience in defining Security Zones in Azure environment, Azure Landing Zone, Hub and Spoke architecture, create Firewall rules for DMZ, knowledge on Infrastructure Management, Application and Data Domains
  • Experience in Backup and Data loss strategy, creating and automating an incident response plan, monitoring for security events, and application security testing
  • High level knowledge in IDS/IPS, SIEM and SOAR
  • Knowledge and understanding of global security framework, implementation of best practices of Security and Governance Framework (ISO, NIST, CIS, OWASP, GDPR, ITIL)
  • Architecting a high-level solution and documentation (BRD, HLD, LLD & SCR)
  • Strong stakeholder management.
Qualifications Required

Due to the technical nature of the position and the requirements to relate to a broad spectrum of Azure technology stack and other technologies:
  • B.E. / B. Tech in Electronics/Telecommunications computer science or equivalent degree in IT related field.
  • 10+ years of overall experience in Information Technology.
  • At least 8 years of experience in Information Security, Cyber Security Architect and/or Engineering
  • At least 6 years of experience with Microsoft Azure Security stack and a thorough understanding of Microsoft 365 security Solutions
  • Experience in policy, procedure and report writing is required.
  • Strong verbal, interpersonal, and communication skills required
  • The ability to work independently and as a team member exercising good judgment and responsibility is required
  • Familiarity with industry best practices and Security standards (ISO, NIST, CIS, OWASP, GDPR, ITIL, HITRUST, HIPPA, PCIDSS) will be an added advantage.
  • Other Certifications - Certified Cloud Security Professional (CCSP), Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Certified Information Security Manager (CISM), Certified Cloud Security Knowledge (CCSK).
  • Highly desired Microsoft Certifications (AZ500, AZ300/303, MS500, SC100/300/400).