Role description
What will you be responsible for?
As a Cybersecurity Principal Cloud Security Engineer, you will be responsible to design, implement, and own the security posture of Azure Tenant including:
- Own Azure tenant security posture, including subscriptions, management groups, landing zones, and cloud resource lifecycle.
- Design and enforce Azure guardrails using Azure Policy and Policy Initiatives aligned to enterprise standards.
- Define and govern RBAC models, PIM, managed identities, and service principals across tenants.
- Implement and operationalize policy controls for tagging, regions, SKUs, encryption, and data residency.
- Lead deployment and operations of Microsoft Defender for Cloud (CSPM/CWPP) across IaaS, PaaS, AKS, and containers.
- Own SIEM data connectors, analytics rules, UEBA, threat intelligence enrichment, and automation playbooks.
- Drive detection engineering, threat hunting enablement, and MTTR reduction in partnership with SOC teams.
- Lead implementation and day‑to‑day operations of enterprise security platforms: CrowdStrike, Proofpoint, Rapid7, Wiz
- Establish and govern secure Azure network architectures, including hub‑spoke/vWAN, Private Endpoints, Firewall, WAF, DDoS, NSGs, and ASGs.
- Implement Policy as Code and Security Baselines as Code using GitOps and IaC practices.
- Embed cloud and security controls into CI/CD pipelines to enable shift‑left and continuous compliance.
- Maintain the enterprise cloud risk register and report security KPIs, trends, and risks to leadership.
- Map and operationalize security controls against CIS, ISO 27001, SOC 2, HIPAA/HITRUST, enabling continuous evidence collection.
- Lead incident response runbooks, purple‑team control validation, and post‑incident remediation for cloud threats.
- Partner cross‑functionally with platform, infra, app, risk, compliance, and audit teams to ensure secure cloud adoption at scale.
- (Nice to Have) Experience with Application Security practices and tools (e.g., Checkmarx for SAST/DAST/SCA) and integrating AppSec signals into cloud risk and SIEM workflows.
What would your day look like?
- Partner daily with Engineering, Network, and Platform teams to design, review, and operate a secure, compliant Azure cloud and data platform.
- Act as a security authority on architecture and design reviews, shaping approved Azure, network, identity, and application patterns.
- Oversee SIEM operations in partnership with Global Cyber SOC teams to gather threat visibility, reviewing detections, tuning rules, and guiding response for high‑risk security events.
- Collaborate with security vendors and partners (CrowdStrike, Proofpoint, Rapid7, Wiz) on platform health, detections, and remediation outcomes.
- Define and refine security SOPs, mentor L1/L2 teams, and ensure consistent triage, escalation, and incident handling.
- Drive delivery of security initiatives and improvements through sprints, balancing hands‑on execution with architectural direction and stakeholder alignment.
Who are we looking for?
- 10+ years of cybersecurity experience with 5+ years focused on Azure cloud security architecture.
- Deep hands‑on experience designing and operating Azure identity and access security, including Azure RBAC, Microsoft Entra ID, Conditional Access, PIM/PIM for Groups, and Identity Governance.
- Strong operational experience with enterprise security platforms, including CrowdStrike, Proofpoint, Rapid7, Wiz, and Microsoft Defender for Cloud.
- Proven expertise in SIEM/SOAR engineering, with hands‑on experience building and operating Microsoft Sentinel analytics, UEBA, automation playbooks, and threat integrations.
- Demonstrated success delivering Azure Landing Zones aligned to Microsoft Cloud Adoption Framework (CAF) and Well‑Architected Framework security principles.
- Strong understanding of identity federation and integrations, including SAML, OAuth2/OIDC, SCIM provisioning, and B2B scenarios.
- Solid experience securing network and platform controls, including Azure Firewall, WAF, Private Endpoints, and Zero Trust architectures.
- Automation‑first mindset with hands‑on skills in PowerShell, Python, Terraform, Bicep, Git, YAML, and CI/CD driven security enforcement.
- (Nice to Have) Experience in Application Security, including SAST, DAST, SCA (e.g., Checkmarx), and embedding AppSec controls into CI/CD pipelines.
Skills
cloud security,incident response,identity and access management,google cloud platform,
About UST
UST is a global digital transformation solutions provider. For more than 20 years, UST has worked side by side with the world’s best companies to make a real impact through transformation. Powered by technology, inspired by people and led by purpose, UST partners with their clients from design to operation. With deep domain expertise and a future-proof philosophy, UST embeds innovation and agility into their clients’ organizations. With over 30,000 employees in 30 countries, UST builds for boundless impact—touching billions of lives in the process.