Georgia IT Inc
Azure Security Engineer-Chicago, IL (Hybrid Role)
Georgia IT Inc, Chicago, Illinois, United States, 60290
Position: Azure Security Engineer
Location: Chicago, IL (Hybrid Role)
Duration: 12 Months
Rate: DOE
US citizens and Green Card holders are preferred.
Identity and Access Management - RBAC, Conditional Access Policies, Entra ID, PIM/PAM, Entra ID Connect, AD FS, PHS, ID Protection, MFA
Hands-on Azure Policies, Client, Assignment, Remediation Task and Resource compliance report
Hands-on configuration of CI/CD pipelines for cloud-native deployments, IaC, Terraform
Azure Security Services - Security Center, Key Vault, Log Analytics, Azure Monitor
Azure ARM/PowerShell
Security monitoring includes log aggregation/centralization, correlation, and alerting of security events and incidents.
Create queries (KQL) for specific audit reports based on auditable events criteria.
Using/configuring MS Defender for Cloud, MDE, XDR.
Configure rules for real-time alerting in SIEM tool for events, analytic rules, automation rules, hunting queries & Playbook
Participates in the incident response and investigation process.
Review and analyze audit records weekly for identified unusual activity and provide evidence of review and/or findings.
Conduct account reviews, Access Review by implementing the workflows.
Provide Operational support for Security Operations related activities.
You are a self-starter who can independently read technical documentation.
Ability to work with application and security teams to promote a secure posture in the cloud.