Log In Sign Up

Azure Security Expert

Premium Job From Experis IT

Recruiter

Experis IT

Listed on

11th September 2017

Location

Derby

Salary/Rate

Negotiable

Salary Notes

Negotiable

Type

Contract

This job has now expired please search on the home page to find live IT Jobs.

Azure Security Expert / Azure SME

Location: Derby

Start Date: ASAP

Duration: 2 Months

* Must have detailed and up-to-date knowledge of Azure services.

* Must have several years' hands-on experience implementing enterprise-scale solutions in Azure.

* Must have comprehensive experience of implementing and operating security controls and mechanisms in Azure.

* Must be able to understand security requirements and translate into workable solutions.

* Must be able to evaluate the merits of different solutions / approaches and present recommendations to senior security stakeholders.

* Must be able work with in-house and 3rd party senior security professionals as their peers.

* Must have good communication skills and ability to author comprehensive design documentation.

Experience & Certifications

* Ideally Microsoft Certified Solutions Expert: MCSE Cloud Platform and Infrastructure

* Ideally Microsoft Certified Solutions Associate: MCSA Cloud Platform and Infrastructure

* Ideally (ISC)2 Certified Cloud Security Professional (CCSP)

* Should have knowledge of Enterprise Security Architecture frameworks such as SABSA

* Should have knowledge of Enterprise Architecture frameworks such as TOGAF, Zachman, etc.

Key Technical Experience

Microsoft Azure: SaaS, PaaS, IaaS, Azure Active Directory, Azure Active Directory Domain Services, Azure Virtual Network, Azure AD connect, Azure VMs, Azure Cloud Services, Azure Resource Manager, Azure Site Recovery, Azure Site Recovery Vault, Azure backup Services, Azure Key Vault, Privileged Access Workstations, OMS, & Azure Security Centre.

Areas of Expertise

Must have hands-on experience of designing and implementing most of the following:

* Azure Authentication (identity) - Defining and agreeing authentication models for users and developers

* Authorisation Model (RBAC):

* Ensuring that RBAC Roles are fully configured and agreed with IT Security

* Working with the Business, Developers, Service Team and Security to define full set of Roles for Dev, Pre-Prod and Production environments

* Agreeing RBAC Model with stakeholders

* Implementing in a Digital Azure Environment

* Azure Roles & Responsibilities - Ensuring roles are defined and mapped to company roles & responsibilities

* Baseline Security Controls:

* Defining IAAS Server Based Controls, e.g. Corporate AV/Malware, APT Control, Operating System hardening, Host based firewall

* Working with Infrastructure Teams to identify approved OS types and versions

* Creating gold builds for all OS types in use

* Making sure that only Gold builds can be used in the Digital Azure Environment

* Securing IAAS Build - Creating Azure Desired State Configuration templates for orchestrating secure blueprints for delivery of Azure components

* Secure Application Development - Knowledge of Secure Lifecycle development

* IAAS Patching Model - Defining Security and OS patching method for IAAS Services

* PAAS Standard Security Controls - Blueprint and Template:

* Defining PAAS standard Security Controls

* Securing configuration of PAAS Services

* Configuring Templates for deployment into Azure

* Working with IT Security to align Azure PAAS with Approved Product List process

* Configuring templates for deployment by certain RBAC roles, differing between Dev and Prod

* Approved Product List - Amending the process to include authorised/secure preferred Azure components

* Azure Portal Controls and Logging of Portal Activity:

* Defining Azure Portal Management

* Defining Privileged Access Management, i.e. least privilege

* Defining Portal access logging

* Creating the process for assigning and removing privileges

* Azure IAAS and PAAS Networking Model - Defining the network model, controls and zoning for IaaS and PaaS

* Security Operations Model - Defining interim and strategic Security technology and processes for Security Monitoring

* Azure Environment Builds and Roles - Defining the separation between environments (Dev, pre-Prod, Prod)

* Azure Availability Model - Ensuring the solution is available and can meet SLAs.

* Azure Change Management Model - Ensuring the existing Change model works with Azure solutions

* Service Management Processes - Ensuring Service Management processes maintain the required security posture

* Azure Compliance Process - Ensuring that we can prove that compliance and regulatory requirements are being met

Please submit your profile in the first instance

You are currently using an outdated browser.

Please consider using a modern browser such as one listed below:

Google Chrome
Google Chrome
 Opera
Opera
 Mozilla Firefox
Mozilla Firefox