HHS Sr. Azure Security Engineer

Rockville, MD - USA

Monthly Salary: Not Disclosed

Posted on: 19 hours ago

Vacancies: 1 Vacancy

Job Summary

cFocus Software seeks a Sr. Azure Security Engineer to join our program supporting the Department of Health and Human Services (HHS) This position is remote. This position requires the ability a Public Trust clearance.
Qualifications:

Bachelors degree in Cybersecurity Information Technology Computer Science or related field (or equivalent experience).
Minimum 7 years of cybersecurity experience with at least 4 years focused on Azure cloud security.
Strong experience securing Azure IaaS PaaS and SaaS environments.
Hands-on experience with Azure security services including Defender for Cloud Azure Firewall Azure WAF Azure Sentinel and Azure AD.
Experience supporting FedRAMP and FISMA-compliant cloud environments.
In-depth knowledge of NIST SPand related federal guidance.
Experience integrating cloud logs and telemetry into SIEM platforms.
Experience with Infrastructure as Code tools such as ARM Bicep or Terraform.
Ability to effectively communicate technical concepts to both technical and non-technical stakeholders.
Microsoft Certified: Azure Security Engineer Associate or Microsoft Certified: Azure Solutions Architect Expert
Active CISSP CCSP or equivalent cloud security certification GIAC Cloud Security Automation (GCSA) or similar

Duties:

Serve as the Subject Matter Expert (SME) for Azure cloud security architecture implementation and operations.
Design implement and maintain secure Azure IaaS PaaS and SaaS environments in compliance with NIST SP 800-53 NIST SP 800-37 FedRAMP and HHS/HRSA security requirements.
Administer and maintain Cloud Security Posture Management (CSPM) solutions to identify misconfigurations vulnerabilities and compliance gaps in Azure environments.
Implement and manage Azure security controls including Azure Active Directory RBAC Conditional Access Network Security Groups Azure Firewall Azure WAF encryption and key management.
Support FedRAMP and agency ATO processes by validating inherited controls reviewing FedRAMP documentation and supporting continuous monitoring activities.
Integrate Azure-native logging and monitoring services (e.g. Azure Monitor Defender for Cloud) with HRSAs SIEM.
Implement runtime security for cloud workloads including virtual machines containers and serverless functions.
Develop and maintain Infrastructure as Code (IaC) solutions with embedded security controls and automated validation.
Support CI/CD pipeline security by integrating automated security testing tools including SAST DAST and IaC scanning.
Design and maintain Zero Trust cloud security architectures in alignment with OMB M-22-09.
Provide security guidance for cloud migrations application onboarding and modernization efforts.
Respond to cloud-related security incidents and support incident response forensic analysis and remediation.
Maintain SLAs for cloud security support requests and provide regular status reporting.
Develop and maintain documentation including architecture diagrams SOPs and security baselines.

Required Experience:

Senior IC

Bachelors degree in Cybersecurity Information Technology Computer Science or related field (or equivalent experience).
Minimum 7 years of cybersecurity experience with at least 4 years focused on Azure cloud security.
Strong experience securing Azure IaaS PaaS and SaaS environments.
Hands-on experience with Azure security services including Defender for Cloud Azure Firewall Azure WAF Azure Sentinel and Azure AD.
Experience supporting FedRAMP and FISMA-compliant cloud environments.
In-depth knowledge of NIST SPand related federal guidance.
Experience integrating cloud logs and telemetry into SIEM platforms.
Experience with Infrastructure as Code tools such as ARM Bicep or Terraform.
Ability to effectively communicate technical concepts to both technical and non-technical stakeholders.
Microsoft Certified: Azure Security Engineer Associate or Microsoft Certified: Azure Solutions Architect Expert
Active CISSP CCSP or equivalent cloud security certification GIAC Cloud Security Automation (GCSA) or similar

Duties:

Serve as the Subject Matter Expert (SME) for Azure cloud security architecture implementation and operations.
Design implement and maintain secure Azure IaaS PaaS and SaaS environments in compliance with NIST SP 800-53 NIST SP 800-37 FedRAMP and HHS/HRSA security requirements.
Administer and maintain Cloud Security Posture Management (CSPM) solutions to identify misconfigurations vulnerabilities and compliance gaps in Azure environments.
Implement and manage Azure security controls including Azure Active Directory RBAC Conditional Access Network Security Groups Azure Firewall Azure WAF encryption and key management.
Support FedRAMP and agency ATO processes by validating inherited controls reviewing FedRAMP documentation and supporting continuous monitoring activities.
Integrate Azure-native logging and monitoring services (e.g. Azure Monitor Defender for Cloud) with HRSAs SIEM.
Implement runtime security for cloud workloads including virtual machines containers and serverless functions.
Develop and maintain Infrastructure as Code (IaC) solutions with embedded security controls and automated validation.
Support CI/CD pipeline security by integrating automated security testing tools including SAST DAST and IaC scanning.
Design and maintain Zero Trust cloud security architectures in alignment with OMB M-22-09.
Provide security guidance for cloud migrations application onboarding and modernization efforts.
Respond to cloud-related security incidents and support incident response forensic analysis and remediation.
Maintain SLAs for cloud security support requests and provide regular status reporting.
Develop and maintain documentation including architecture diagrams SOPs and security baselines.