Req ID#30042859
We are seeking a highly skilled Azure Cloud Security & Governance Manager to drive the implementation of cloud security, compliance, and governance controls across our Azure environment. This role will provide leadership in securing cloud workloads, ensuring regulatory compliance, and maturing governance frameworks to support scalable and secure cloud operations. The ideal candidate brings deep expertise in Azure security, risk management, identity governance, and cloud compliance, along with the ability to influence stakeholders and embed best practices across engineering and operational teams.
Responsibilities :
Cloud Security Architecture & Engineering
- Maintain secure Azure architectures aligned with Microsoft Cloud Adoption Framework (CAF) and industry best practices.
- Lead the implementation of security controls across Azure services, including encryption, network security, identity protection, and workload hardening.
- Ensure secure configuration baselines using tools such as Azure Policy, Defender for Cloud, Blueprints/Bicep, and Landing Zones.
- Oversee secure DevOps practices including CI/CD security, secret management, and vulnerability management.
Governance, Risk & Compliance
- Develop, implement, and maintain Azure governance frameworks covering identity, cost, resource management, data protection, and compliance.
- Establish and enforce governance rules through Azure Policy, RBAC, Conditional Access, and Privileged Identity Management (PIM).
- Lead risk assessments, cloud security posture reviews, and remediation planning.
- Ensure alignment with standards such as ISO 27001, NIST, CIS Benchmarks, PCI-DSS, and regulatory requirements (e.g., GDPR).
Identity & Access Management (IAM)
- Own the Azure identity and access governance model, ensuring principle of least privilege and role-based access.
- Oversee MFA, Conditional Access, PIM, and identity lifecycle procedures.
- Collaborate with security operations and identity teams to enhance identity resilience and threat detection.
Operational Security & Monitoring
- Drive continuous improvement of cloud security posture through monitoring, threat intelligence, and incident response readiness.
- Work with SOC teams to enhance alerting, detection, and response in Defender for Cloud and Sentinel.
- Lead security incident investigations related to Azure workloads and identities.
Strategy, Leadership & Stakeholder Engagement
- Act as the subject matter expert (SME) for Azure security and governance across the team.
- Provide guidance to engineering, operations, and project teams to embed secure-by-design principles.
- Partner with architecture, infrastructure, and compliance teams to maintain coherence of cloud strategy.
- Mentor junior staff and contribute to upskilling initiatives.
Required Skills & Experience
- 7+ years in cloud security, architecture, or governance roles, with at least 4 years hands on in Azure.
- Deep knowledge of Azure security services including:
- Defender for Cloud, Sentinel, Key Vault, App Gateway/WAF
- Azure Policy, RBAC, PIM, Conditional Access
- Azure Networking security (NSGs, ASGs, Firewall, Private Links)
- Strong understanding of Zero Trust architecture and secure-by-design methodologies.
- Practical experience building and maintaining Azure Landing Zones and governance frameworks.
- Strong understanding of regulatory and compliance frameworks (ISO 27001, CIS, NIST, GDPR).
- Demonstrable experience with Infrastructure-as-Code (Bicep, ARM, Terraform preferred).
- Excellent communication and stakeholder management skills with ability to translate complex security topics into business language.
