We are looking for a hands-on Azure Network Security Engineer with strong experience in Azure VNets, Network Security
Groups, Application Security Groups, Azure Monitor, NSG Flow Logs, Terraform/Bicep, and network micro-segmentation.
The role will involve designing and implementing Azure network isolation, NSG/ASG-based segmentation, database micro segmentation, application segmentation, app-to-database segmentation, validation, rollout planning, and rollback documentation.
Exposure to Palo Alto on Azure, VM-Series, Cloud NGFW, Panorama, or centralized traffic inspection patterns will be
considered an added advantage, but it is not mandatory for this role.
Key Responsibilities
- Design Azure network segmentation model using VNets, NSGs, and ASGs.
- Map Azure application-to-database communication flows.
- Prepare Azure HLD, LLD, ASG taxonomy, and traffic flow matrix.
- Implement NSG rules based on approved ASG membership and traffic matrix.
- Separate Prod, Dev, and Test environments using Azure-native controls.
- Configure NSG Flow Logs and Azure Monitor alerts.
- Implement database micro-segmentation for PostgreSQL and MSSQL workloads.
- Restrict DB ports such as 5432 and 1433 to authorized application workloads only.
- Implement application segmentation using ASGs and NSGs.
- Enforce app-to-database cross-segmentation rules.
- Validate NSG rules in Dev and Staging environments.
- Ensure Azure segmentation model aligns with the agreed multi-cloud security model.
- Prepare test reports, rollout plan, rollback plan, and operational runbooks.
- Work with cloud, security, DevOps, and client stakeholders for approvals and signoffs.
Pay: ₹200,000.00 - ₹240,000.00 per month
Benefits:
Work Location: Remote
