Senior Azure Security Engineer (55727)

About Abel Solutions

Abel Solutions is the digital trust and technology arm of Applied Technical Services LLC. Abel Solutions delivers cybersecurity compliance business process automation and Microsoftbased digital solutions that help organizations protect data and operate securely in highly regulated environments.

Applied Technical Services LLC (ATS) is a leading provider of critical testing inspection certification and compliance services. The Company serves clients across a diverse set of large and stable end markets including manufacturing power generation aerospace medical and defense. ATS was founded in 1967 and is headquartered in Marietta GA. Today the Company employs nearly 2100 team members in over 95 locations across the United States.

Together Abel Solutions and ATS advance a shared mission to create a safe and reliable world through precise technical and professional services.

The Opportunity

The Senior Azure Security Engineer (Architect)is a member of the Abel Solutions team an ATS subsidiary and is responsible forthe design deployment security and operation of mission critical Azure Government and Microsoft 365 GCC High environments in support of clients handling CUI and aligning to CMMC and NIST 800-171. The role blends deep technical security expertise with consulting delivery guiding clients from requirements discovery through architecture implementation operational readiness and transition into managed compliance. This position requires strong ownership communication documentation discipline and the ability to lead architecture decisions in regulated cloud environments.

What Youll Do

• Lead end to end Azure Government and GCC High engagements from discovery through production handoff
• Facilitate workshops covering compliance scope CUI boundaries security posture and target architecture
• Design and implement secure cloud environments using Zero Trust and defense in depth concepts
• Build and harden Azure Government landing zones networks identity compute AVD and operational controls
• Execute architecture decisions across identity network security workloads endpoint security monitoring and data protection
• Implement Conditional Access MFA PIM RBAC and secure privileged administration patterns
• Configure Azure Firewall NSGs private endpoints routing DNS and segmentation
• Build secure baselines reusable templates reference architectures and automation components
• Implement monitoring log analytics Sentinel detections incident workflows and operational readiness
• Support secure collaboration DLP retention and other M365 GCC High security capabilities when applicable
• Provide ongoing managed compliance support including configuration monitoring patching vulnerability management alert handling and incident response
• Participate in on call rotation for after hours incident handling
• Perform backup validation DR planning periodic testing and quarterly security reviews
• Prepare compliance evidence and documentation aligned with CMMC and NIST 800-171 requirements
• Maintain diagrams SOPs runbooks operational documentation and client ready reporting artifacts
• Stay current on Azure Government and GCC High capabilities and contribute to internal standards and service improvements
• Support internal initiatives knowledge sharing and collaboration across practices
• Build strong client relationships and maintain clear communication with leadership and technical teams

Required Experience and Skills:

• 7 plus years in infrastructure or security engineering with hands on Azure experience
• 3 plus years designing and deploying secure Azure environments in production
• 2 plus years operating security controls such as SIEM endpoint protection vulnerability management and incident response
• At least one full GCC High or Azure Government implementation from design through go live
• Azure architecture networking and security hardening proficiency
• Experience with Azure Policy RBAC management groups and resource organization
• Strong knowledge of private networking patterns including Private Link private endpoints DNS and firewalling
• Experience with Terraform Bicep ARM and automation pipelines
• PowerShell or CLI scripting capability
• Entra ID security features including Conditional Access MFA and PIM
• Familiarity with Microsoft Defender for Endpoint baseline hardening and endpoint security concepts
• Experience with Microsoft Sentinel including log ingestion analytics rules and workflow design
• Monitoring alerting incident response support and operational runbook driven processes
• Experience with ITSM platforms such as ServiceNow ConnectWise or Jira Service Management
• Strong analytical communication and consulting skills with ability to translate compliance requirements into technical patterns
• Ability to manage multiple priorities and collaborate across teams in a fast paced environment
• Ability to work independently with minimal supervision

Additional requirements:

• Bachelors degree in Computer Science MIS Cybersecurity or equivalent experience
• Microsoft Certified Azure Security Engineer Associate (AZ-500) required
• Preferred certifications include SC-100 SC-200 CISSP CCSP Security Plus or CASP Plus
• U.S. Person status required due to ITAR and EAR export control regulations
• Experience with GCC High Azure Government AVD in regulated environments CMMC readiness Sentinel deployment and policy as code strongly preferred
• Consulting experience preferred
• MSP or managed compliance experience preferred

Work Conditions:

• Primary work location is Marietta GA or remote
• Participation in an on call rotation for critical incident response
• Work may involve regulated data requiring strict security controls
• Collaboration with cross functional teams and direct client engagement is expected

EOE/AA/M/F/Vet/Disability

ATS is an equal opportunity employer where employment is based upon personal capabilities and qualifications without discrimination due to race color religion gender age national origin disability veteran status or any other protected characteristic as established by law.

U.S. Persons Only: A requirement of this position is access to information that is subject to U.S. export controls under the U.S. International Traffic in Arms Regulations (ITAR). Accordingly the company will consider only U.S. Persons for this position. A U.S. Person includes (a)U.S. citizens or nationals; (b)U.S. lawful permanent residents (i.e. green card holders); (c) persons granted refugee status; or (d) persons granted asylum in the United States. This information is collected solely for purposes of complying with U.S. export control requirements and will not be used to unlawfully discriminate in the hiring process