Senior Azure Cloud Security Architect - RapidDeploy Cape Town Bookmark Share Print 191 0 0

Listing Description

RapidDeploy is a fully cloud native company that delivers mission-critical life and safety application services, underpinned by latest cutting-edge cloud technology. RapidDeploy is looking for a senior-level Cloud Security Architect with in-depth experience in Azure Cloud services’ security that can help bolster the business operations and engineering security posture.  You will work closely with Engineering teams and Software developers to understand their build, deployment and dependency requirements to ensure security and privacy by design toward safe and secure applications and infrastructure. You will advocate, and contribute toward, a secure software development lifecycle, Gitops- and Devops practices that meet strict regulatory security and compliance requirements. 

Responsibilities
  • Work in collaboration with Devops and Cloud Engineers toward a DevSecOps practice that conforms to Security- and Privacy by Design principles 
  • Guide business operations teams including Finance, HR, Marketing and Customer Sales around security and compliance requirements 
  • Manage security product assessments and budgeting 
  • Manage 3rd Party vendor and product vetting assessments 
  • Manage regular internal audits and external pen testing projects 
  • Represent security and compliance matters in client request for proposals 
  • Manage Azure Policy and Blueprints to detect, alert and remediate controls that are non-compliant to required regulatory standards 
  • Expert use of runbooks, flows, playbooks and/or logic apps to automatically remediate resources and controls that do not meet security or compliance baselines 
  • Manage application and infrastructure vulnerabilities with best-of-breed vendor solutions and present the executive summary dashboards with PowerBI 
  • Clear Security documentation and diagrams should be standard protocol 
  • Build automation and orchestration of Security infrastructure 
  • Lead security and quality code scanning and remediation at the code promotion gates 
  • Continually improve Azure Sentinel SOC/SIEM service with accurate rules and playbooks  
  • Work with SRE Team to ensure accurate security event detection and response workflows 
  • Lead security and privacy training campaigns 
  • Administer SAST, SCA, and DAST platforms with a focus on providing fast feedback to developers 
  • Administer a Security Bot with context of Evil User Stories, Security User Stories, and Privacy User Stories that efficiently inform and equip Developers with Threat Modelling at the Sprint planning stage 
  • Identify points of weakness and technical vulnerabilities, and devise solutions to these problems 
  • Perform internal Pen Tests and Web Application Testing 
  • Own Governance, Risk and Compliance - Translating the regulatory requirements and security framework requirements into business speak and direction, and then into technical requirements with implementation best-practice guidance.  

    • What You’ll Have:
  • You would have read the books: The Devops Handbook and The Phoenix Project 
  • You only adhere to repeatable and declarative deployment and configuration as part of Infrastructure as Code 
  • Passion for security, automation, performance, and reliability 
  • 10+ years of experience in Information Security 
  • 3+ years proven Microsoft Azure Cloud security experience 
  • 3+ years of experience with Microsoft Cybersecurity tools, including Azure Sentinel, Defender ATP, Cloud App Security, Data Classification, Data Loss Protection, Information Protection, M365 Compliance and M365 Protection 
  • JSON, Kusto Query Language (KQL) and Powershell experience 
  • Experience With Microsoft automation services like Logic Apps, Power Automate, Flow and Runbooks 
  • Terraform Cloud with Azure Provider experience to deploy Infrastructure and Governance as Code 
  • Experience with Docker and Kubernetes 
  • Proven experience with Azure Devops CI/CD 
  • Strong experience with Azure Kubernetes Container Security and API Security 
  • Experience conducting penetration tests, running web application testing tools, performing manual testing and source code review using tools, validating test results, identifying root cause, analysing vulnerabilities, and helping develop platform specific remediation plans 
  • Experience in security testing with knowledge of security fundamentals and exploitation techniques  

    • Qualifications:
  • Azure Certified Administrator Associate (AZ104) 
  • Azure Security Technologies (AZ500)  
  • CISSP (Certified Information Systems Security Professional) 

    • Other relevant Certifications:
  • Certified Kubernetes Administrator (CKA) 
  • AWS Security Certifications 
  • Offensive Security Certifications 

    • Extra Credit If You’ve Got It:
  • Proficiency in cryptographic protocols and cipher suites 
  • IAM custom JSON roles and role based access control best practice experience 
  • Technical experience in administering a Cloud PKI infrastructure with CA and Certificate issuance 
  • Experience with DevOps workflow tools like Jenkins and Gitlab 
  • Thorough understanding of cloud network technologies that include Private Links, VNET Peering and Virtual Networking 
  • Azure Firewall Premium and Application Gateway Experience 
  • CloudFlare Services experience 
  • 1st and 3rd Party Code Security Scanning experience with experience in approaches that reduce false-positives and escape rates 
  • Familiarity with penetration testing methodology and standards 
  • Deep understanding of Secure SDLC 
  • OWASP top 10 mitigation approaches – Service based environments e.g. REST 
  • Scripting or programming experience (Python, Go, Bash, etc.)  
  • Experience in implementing common industry frameworks such as: NIST CSF, ISO 27000, COBIT, NIST 800-171, NIST 800-53, CIS, and Critical Security Controls (SANS Top 20) 
  • IoT Security experience 
  • BS in Computer Science or equivalent degree  

    • Behavioural Competencies
  • Work well under pressure.
  • Good communication skills (Written and verbal).
  • A good problem solver.
  • Have an inquisitive nature and a drive to thoroughly understand problems.
  • Like to keep things simple.
  • Can organize and plan well. 
    • About RapidDeploy Inc
    ·        Fast-growing, passionate, mission-driven team – we care about saving lives through technology! 
    ·        We are people-centric and ensure an environment where employees are encouraged to grow and learn every day 
    ·        Offices in Austin, TX and Cape Town, South Africa  

    Listing Details

    • Citizenship: Not Provided
    • Incentives: Not Provided

     

    • Education: Not Provided
    • Travel: Not Provided
    • Telework: Not Provided

    About Us

    NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

    Useful Links

    Our Contacts

    1765 Greensboro Station Pl.
    Suite 900
    Tysons Corner Va 22102

    (703) 594-7765

    requests@ninjajobs.org
    www.ninjajobs.org
    Chat with us!