Threat Modelling Engineer - Vulnerability Management (5-8 yrs)

Job Description :

Key Responsibilities :

Security Implementation & Threat Protection :

- Design, implement, and maintain security controls and threat protection for Azure cloud and hybrid cloud environments.

- Respond to security incidents and remediate vulnerabilities.

Identity & Access Management (IAM) :

- Design and implement secure IAM concepts, including user authentication, authorization, and access control in Azure.

Security Posture Management :

- Continuously monitor and improve the security posture of cloud environments, identifying risks and vulnerabilities and taking proactive measures to mitigate them.

Application Security :

- Perform application security testing (SAST, DAST, IAST, SCA) for web and mobile applications. Address common application security flaws and implement secure coding practices.

SDLC Security Integration :

- Integrate security measures into the software development lifecycle (SDLC), ensuring secure coding, code reviews, and testing practices.

Cloud Security Tools & Services :

- Utilize Azure security tools and services, such as Azure Security Center, Azure Sentinel, and Azure Firewall, to enhance overall security.

CI/CD Security :

- Secure CI/CD pipelines using tools like Azure DevOps, Jenkins, and Bamboo.

- Implement security controls to protect the development and deployment processes.

Container & Big Data Security :

- Secure containerized environments (Docker, Kubernetes) and big data technologies (Spark, Cassandra, HDFS, Kafka, ELK Stack).

Web Services & API Security :

- Secure web services and API integrations using REST, SOAP, and protocols like OAuth, OpenID Connect, SAML, and other security standards.

Encryption & Key Management :

- Implement key management strategies, PKI, HSM, encryption, and tokenization to ensure data confidentiality and integrity.

Qualifications/Experience :

- Bachelor's or Master's degree in Computer Science, Information Systems, Engineering, Cybersecurity, or related field, or equivalent work experience.

- 5+ years of experience in Azure security, including implementing security controls and threat protection in Azure cloud and hybrid environments.

- Strong knowledge of OWASP/SANS Top 25 Concepts and application security testing (SAST, DAST, IAST, SCA).

- Hands-on experience with Azure IaaS, PaaS services, and Azure DevOps for securing CI/CD pipelines.

- Experience with scripting languages like PowerShell, ARM Templates, Python, and Terraform to automate security tasks.

- Security tools proficiency including Azure Security Center, Sentinel, and other Azure-native security services.

- Experience securing containerized environments (Docker, Kubernetes) and securing big data technologies (Spark, Cassandra, Kafka, ELK stack).

- Knowledge of IAM concepts, federation protocols (SAML, OAuth, OpenID Connect), and tools for managing access and authentication.

- Familiarity with PKI, encryption, key management, HSM, and X.509 certificates for securing data in transit and at rest.

- Certifications such as AZ-500 (Microsoft Azure Security Technologies) and/or Certified Secure Software Lifecycle Professional (CSSLP) are a plus.

Key Competencies :

- Strong customer service orientation, attention to detail, and ability to drive results without compromising on security controls.

- Excellent organizational and planning skills with the ability to prioritize and manage tasks effectively.

- Strong communication skills-both written and verbal-along with the ability to troubleshoot, present complex security issues, and document solutions.

- Willingness to be available outside of regular working hours for on-call support or urgent issues as needed.

- Comfortable collaborating with stakeholders across different regions and cultures.

- Self-motivated with the ability to work independently and with minimal supervision in a fast-paced, dynamic environment.