Compelling Story & Candidate Value Proposition

This role offers the opportunity to engage in reviews across multiple services, enhancing your exposure and experience in the field. It is related to cybersecurity compliance and provides high visibility and interaction with various stakeholders.

Candidate Requirements Years of Experience Required: 5 years in the field. Degrees or certifications required: CISSP certification or equivalent (e.g., SANS GIAC certifications) is mandatory. A Bachelor's degree in Computer Science, Software Engineering, or a related technical discipline OR 5-7 years of relevant industry experience in security engineering, compliance, or cloud risk management is also required. Best vs. Average: The ideal candidate will have experience with secure code reviews, static/dynamic analysis tools, hands-on experience securing platforms, and familiarity with compliance automation frameworks. The ability to multitask, a proactive work ethic, and excellent communication skills are essential. Performance Indicators: Success will be measured by meeting deadlines and the quality of work delivered. Top 3 Hard Skills Required Minimum 5 years of experience with Azure, including familiarity with its security architecture and services. Minimum 3 years of experience in security assessments, threat modeling, and risk analysis. Minimum 1 year of experience in risk management, with working knowledge of NIST CSF v2 or other relevant control frameworks. Summary

We are seeking a Security and Compliance Engineer to support and enhance the security posture and compliance readiness of cloud-based services hosted in Azure and other platforms. This role involves conducting detailed security and risk assessments, driving remediation activities, analyzing compliance telemetry, and leveraging automation to scale secure engineering practices. The ideal candidate will bring strong technical expertise, a passion for proactive risk management, and the ability to collaborate across teams to ensure consistent, compliant, and resilient solutions.

Key Responsibilities Perform in-depth security and risk assessments for services deployed on Azure and other platforms. Document risks in the Risk Register, ensuring accurate linkage to corresponding remediation actions. Collaborate with engineering teams to track progress on risk mitigation and ensure closure. Provide technical guidance and hands-on remediation support, including dedicated office hours. Capture and standardize remediation steps, building reusable guidance for future scenarios. Analyze security and compliance datasets using tools like Azure Data Explorer to surface insights and summarize risk impact. Leverage automation to streamline risk tracking, compliance validation, and remediation workflows. Support and participate in security and compliance campaigns, aligning efforts with corporate and division-wide priorities. Track and manage assigned work via Azure DevOps, providing timely updates and clear documentation. Required Skills & Experience CISSP certification or equivalent (e.g., SANS GIAC certifications). 5 years of hands-on experience with Azure, including familiarity with its security architecture and services. 3 years of experience in security assessments, threat modeling, and risk analysis. 1 year of experience in risk management, with working knowledge of NIST CSF v2 or other relevant control frameworks. Strong understanding of web application security, threats, and mitigation strategies. Demonstrated ability to provide security and compliance support across multiple teams. Experience using Azure Data Explorer for compliance and security telemetry analysis. Experience with automation tools (e.g., PowerShell, Azure Logic Apps, CI/CD integration, scripting) to enhance compliance and risk workflows. Excellent communication, collaboration, and analytical skills. Preferred Qualifications Experience with secure code reviews and static/dynamic analysis tools. Hands-on experience securing platforms, including Canvas Apps and Dataverse. Familiarity with compliance automation frameworks or platforms. Education & Experience Bachelor's degree in Computer Science, Software Engineering, or a related technical discipline. 5-7 years of relevant industry experience in security engineering, compliance, or cloud risk management.