Cloud Platform Security Engineer- IAM - Sr.Manager

Job Description

Charles River Development is looking for an experienced cloud security professional with a focus on Identity and Access Management, application security, security engineering, and security architecture.Job Responsibilities:

• The position is a highly technical role that will participate in the design and delivery of Azure infrastructure deployment and provide guidance and real-world mitigation steps to information risks
• Apply knowledge about Identity and Access Management in the cloud, including SAML, Open ID Connect, Azure AD Conditional Access Policies, and B2B/B2C capabilities
• Work with product teams to modernize applications with a focus on multi-tenant SaaS application identity and API security using OAuth and mutual TLS
• Design API gateway configuration using technologies such as Envoy Ambassador and Azure API Management with appropriate filters / policies to ensure secure authentication and authorization
• Implement security-in-depth for cloud application and data platforms such as Kubernetes, Container Registries, Database Platforms, API Management, and other services
• Implement new capabilities using cloud security tools such as Azure Log Analytics, Azure Security Center, Azure Information Protection, and Azure Defender
• Create appropriate policies for operationalizing security tools, implementing standards for cloud security, and performing periodic audits to ensure that standards are maintained
• Integrate application security tools into the application deployment pipeline
• Prepare security engineering diagrams and keep existing security diagrams up to date
• Implement security solutions such as SIEM, IDS/IPS, endpoint detection and response (EDR), and Cyber Threat Intelligence (CTI) tools
• Design and implement solutions for data protection using best-practices to encrypt data at rest, data in motion, and data in use
• Develop assets to help teams gain better visibility into the security posture of resources deployed to the cloud, including custom policies, scripts, and Log Analytics queries / workbooks
• Balance pragmatism with vision; continually assess the security posture of cloud applications and deliver improvements to the team s tools, processes and codebase
• Automate detection and remediation of security problems with native cloud capabilities
• Contribute and drive knowledge sharing, documentation & collaboration
• Be a team player, accountable, self-motivated and delivery focused engineer

• Expertise in common IAM protocols such as Kerberos, SAML, OAuth, and SCIM in Azure Active Directory
• A thorough understanding of Azure Active Directory and its overall capabilities as an Identity Platform for collaboration and application development
• Experience implementing Key Management technology and procedures
• Hands-on experience in the designing, deployment, and support of security appliances, software, and other SaaS-based security offerings in a public cloud Ability to apply global research on emerging technologies, frameworks, solutions & best practices to fulfill various project & platform specific requirements
• A thorough understanding of networking, security architectures, and experience deploying complex enterprise solutions in public clouds
• Hands on experience of codifying secure cloud platform provisioning activities using tools such as Terraform, Azure Policy, PowerShell DSC and InSpec
• Azure Security Engineer Associate certification required Industry-standard security certifications such as Azure Administrator Associate, Azure Solutions Architect Expert, CCNA/CCNP Security, and CompTIA Cybersecurity Analyst
• Ability to assist, contribute & lead when required with prototyping various platform specific security solutions & technologies
• Experience in supporting Linux-based infrastructure
• Strong interpersonal and communication skills
• Comfortable in global working environment
• Vast understanding of change management and security audit processes
• Excellent oral and written communication skills
• Ability to interact with technical staff across multiple systems and disciplines
• Bachelors degree or equivalent work experience
• High degree of self-sufficiency, ownership, and pride of deliverables

Keyskills :
firewallnetworkingcustomer relationsidspenetration testingenvironmental impact assessmentmusic makingcloud securitysecurity auditkey managementsecurity toolsglobal researchactive directorychange management