We are seeking a highly skilled and experienced Azure Security Architect to lead the design, implementation, and management of secure cloud solutions on Microsoft Azure. As an Azure Security Architect, you will be responsible for ensuring the security of cloud-based applications and services, implementing security best practices, and mitigating risks across the Azure environment. You will collaborate with cross-functional teams, including IT, DevOps, and development teams, to design and enforce security policies, frameworks, and solutions.
Req.#776574920
#LI-DNI
Responsibilities
- Design and implement secure cloud architectures for Microsoft Azure environments
- Define security standards, best practices, and policies to ensure cloud systems meet compliance and regulatory requirements (e.g., GDPR, HIPAA)
- Develop and maintain Azure security policies, governance frameworks, and technical security controls
- Perform security assessments, identify vulnerabilities, and lead remediation efforts to address risks and threats within the Azure environment
- Architect and implement identity and access management (IAM), encryption, and security monitoring solutions
- Collaborate with DevOps and development teams to integrate security into the CI/CD pipeline
- Conduct risk assessments, threat modeling, and security reviews for cloud-based solutions
- Stay current with Azure security technologies and industry best practices and recommend improvements or new tools as necessary
- Ensure the security of Azure-based services such as Azure AD, Azure Key Vault, Azure Security Center, and Azure Sentinel
- Provide guidance and mentorship to team members on security best practices
- Assist in incident response activities and security investigations
Want more jobs like this?
Get jobs in New York, NY delivered to your inbox every week.
- Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience)
- 5+ years of experience in cloud security with a focus on Azure security architecture and design
- Strong understanding of Azure services and security capabilities, including Azure AD, Azure Key Vault, Azure Policy, and Azure Security Center
- Experience with identity and access management (IAM), multi-factor authentication (MFA), and role-based access control (RBAC) in Azure
- Proficiency in implementing security tools, such as Azure Sentinel, Microsoft Defender for Cloud, and Azure Firewall
- Deep knowledge of network security, including firewalls, VPNs, and encryption protocols
- Strong understanding of compliance frameworks such as GDPR, HIPAA, PCI-DSS, and other industry-specific standards
- Excellent communication skills with the ability to articulate complex security concepts to non-technical stakeholders
- Relevant certifications such as Microsoft Certified: Azure Solutions Architect Expert, Microsoft Certified: Azure Security Engineer Associate, CISSP, or CISM are a plus
- Experience with infrastructure-as-code (IaC) tools like Terraform, ARM templates, or Azure Resource Manager
- Knowledge of scripting and automation languages such as PowerShell, Python, or Bash
- Familiarity with DevSecOps practices and integrating security into CI/CD pipelines
- Experience with hybrid cloud security and securing multi-cloud environments
- Travel to client site 2 weeks out of every month in Taylor, TX
- Medical, Dental and Vision Insurance (Subsidized)
- Health Savings Account
- Flexible Spending Accounts (Healthcare, Dependent Care, Commuter)
- Short-Term and Long-Term Disability (Company Provided)
- Life and AD&D Insurance (Company Provided)
- Employee Assistance Program
- Unlimited access to LinkedIn learning solutions
- Matched 401(k) Retirement Savings Plan
- Paid Time Off - the employee will be eligible to accrue 15-25 paid days, depending on specific level and tenure with EPAM (accrual eligibility may change over time)
- Paid Holidays - nine (9) total per year
- Legal Plan and Identity Theft Protection
- Accident Insurance
- Employee Discounts
- Pet Insurance
- Employee Stock Purchase Program
- If otherwise eligible, participation in the discretionary annual bonus program
- If otherwise eligible and hired into a qualifying level, participation in the discretionary Long-Term Incentive (LTI) Program
EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.
YouTube video player
This posting includes a good faith range of the salary EPAM would reasonably expect to pay the selected candidate. The range provided reflects base salary only. Individual compensation offers within the range are based on a variety of factors, including, but not limited to: geographic location, experience, credentials, education, training; the demand for the role; and overall business and labor market considerations. Most candidates are hired at a salary within the range disclosed. Salary range: $175K - $200K. In addition, the details highlighted in this job posting above are a general description of all other expected benefits and compensation for the position.
Applications will be accepted on a rolling basis.
It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.