Cybersecurity Engineer
Description
We are seeking a skilled SECOPS Engineer with a strong focus on Microsoft Azure and Microsoft 365 to join our dynamic and growing team. As a member of the SECOPs team, you will play a critical role in designing, implementing, and maintaining security measures to protect our organization's digital assets. Your expertise in Microsoft Azure and Microsoft 365 will be instrumental in ensuring the security and integrity of our cloud-based infrastructure. If you are a passionate and experienced SECOPS Engineer with expertise in Microsoft Azure and Microsoft 365, we invite you to apply and contribute to our organization's commitment to security excellence.
Requirements
- Security Architecture and Design:
- Design, implement, and maintain security measures within Microsoft Azure and Microsoft 365 environments.
- Develop and implement security policies, standards, and procedures to safeguard organizational assets.
Incident Detection and Response:
- Monitor and analyze security alerts, incidents, and events in Microsoft Azure and Microsoft 365.
- Lead incident response efforts, investigate security breaches, and recommend corrective actions.
Identity and Access Management:
- Implement and manage identity and access controls in Azure Active Directory and Microsoft 365 environments.
- Ensure proper authentication and authorization mechanisms are in place to safeguard critical resources.
Vulnerability Management:
- Conduct regular vulnerability assessments and penetration testing within Azure and Microsoft 365.
- Collaborate with IT teams to remediate identified vulnerabilities and weaknesses.
Security Automation and Scripting:
- Develop and maintain scripts and automation processes to enhance security monitoring and response capabilities.
- Utilize PowerShell and other scripting languages to automate routine security tasks.
Security Compliance:
- Ensure compliance with relevant security standards, regulations, and best practices in Microsoft Azure and Microsoft 365 environments.
- Conduct regular audits to assess and enforce security controls.
Collaboration and Training:
- Work closely with cross-functional teams to integrate security measures seamlessly into existing processes.
- Provide training and guidance to IT and operations teams on security best practices.
Security monitoring and analysis:
- Utilize security information and event management (SIEM) tools to monitor and analyze security events and alerts. Identify and respond to security incidents, including conducting root cause analysis and implementing necessary measures to prevent future incidents.
Security policy and compliance:
- Develop, implement, and maintain security policies, procedures, and guidelines to ensure compliance with relevant regulations and industry standards (Monitor and enforce compliance across the organization.)
Security documentation and reporting:
- Prepare detailed reports on security findings, risk assessments, incident response activities, and other security-related matters. Communicate findings, recommendations, and status updates to relevant stakeholders, including management and technical teams.
Security technologies and tools:
- Stay up to date with the latest security technologies, trends, and industry developments. Evaluate and recommend security tools, solutions, and processes to enhance the organization's security posture.
Qualifications
- Bachelor's degree in Computer Science, Information Security, or a related field.
- Relevant certifications such as Microsoft Certified: Security, Compliance, and Identity Fundamentals, or equivalent.
- Proven experience (3+ years) as a SECOPS Engineer with a focus on Microsoft Azure and Microsoft 365.
- In-depth knowledge of Azure security services, Azure Policy, MS Defender, and Azure Resource Manager.
- Strong understanding of Microsoft 365 security features, including Advanced Threat Protection, Information Protection, and Compliance Center.
- Experience with identity and access management in Azure Active Directory.
- Proficiency in scripting and automation using PowerShell.
- Familiarity with security frameworks, standards, and best practices (e.g., HITRUST, NIST, CIS).
- Solid understanding of network protocols, firewalls, intrusion detection/prevention systems, and other security technologies.
- Excellent analytical and problem-solving skills, with the ability to think critically and make sound decisions under pressure.
- Strong communication skills, with the ability to effectively convey complex security concepts to both technical and non-technical stakeholders.
- Demonstrated ability to work independently, as well as collaboratively in a team environment.
- Strong attention to detail and a commitment to maintaining high standards of data integrity and security.
Benefits
- Supportive, progressive, fast-paced environment
- Competitive pay structure
- Matching 401(k) with immediate vesting
- Medical, dental, vision, life, & short-term disability insurance
AssistRx, Inc. is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration without regard to race, religion, color, sex (including pregnancy, gender identity, and sexual orientation), parental status, national origin, age, disability, family medical history or genetic information, political affiliation, military service, or other non-merit based factors, or any other protected categories protected by federal, state, or local laws.
All offers of employment with AssistRx are conditional based on the successful completion of a pre-employment background check.
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire. Sponsorship and/or work authorization is not available for this position.
AssistRx does not accept unsolicited resumes from search firms or any other vendor services. Any unsolicited resumes will be considered property of AssistRx and no fee will be paid in the event of a hire