Description
We are seeking a skilled Security Dev Ops Engineer with deep Azure security and compliance expertise to join our growing team. This role is focused on embedding security and governance into every layer of our Azure environment and SDLC processes while enabling secure automation and speed to market. The ideal candidate will have a strong background in cloud security, compliance frameworks, and networking fundamentals, coupled with experience in AI-assisted coding tools such as GitHub Copilot, Augment, or Cursor.
You will collaborate with development, infrastructure, and compliance teams to ensure our cloud environments remain secure, resilient, and aligned with industry regulations. While DevOps experience is valuable, the emphasis of this position is on security, compliance, and governance-first practices within Azure.You are a security Champion and Educator who will be a security SME for our development teams. Providing guidance, security focused reviews, and develop training materials to empower developers to develop with a Security DNA mindset
Vulnerability \& Incident Management
Identify, prioritize, and remediate security vulnerabilities in Azure workloads across all environments.
Develop monitoring and alerting for real-time threat detection.
Stay updated on security vulnerabilities specific to Azure services and remediate directly or in partnership with development teams.
Incident Response \& Monitoring
Implement and configure logging tools to monitor and alert on security-related events.
Respond to and investigate security incidents, performing forensic analysis, including identifying root causes and implementing corrective actions.
Cloud Security \& Governance
Manage and monitor Azure security services (e.g., Azure Security Center, Microsoft Defender for Cloud, Sentinel, and Azure Policy).
Define and enforce compliance controls for HIPAA, SOC 2, HiTrust, and other regulatory frameworks.
Conduct regular security and compliance audits, reporting findings and recommending remediations.
Security \& Compliance In CI/CD
Design, document and ensure implementation of secure CI/CD pipelines in Azure DevOps with security checks built-in.
Identify, Integrate and ensure usage of tools such as static/dynamic code analysis, dependency scanning, and secrets management.
Establish and enforce baseline security configurations for Azure resources (e.g., logging, access controls, encryption).
Provide valuable insight into Threat Modeling during design \& architecture reviews to identify and mitigate security threats in new products, features and applications.
Infrastructure As Code \& Automation
Ensure implementation of secure infrastructure provisioning via Terraform, ARM templates, or Bicep.
Automate policy enforcement, governance, and compliance monitoring across environments.
Assess existing architectures for outdated/EOL technologies and drive remediation.
Networking Security
Define, document and ensure secure implementation of Azure networking components (NSGs, firewalls, VPNs, private endpoints).
Implement zero-trust networking principles across multi-cloud environments.
Partner with development/data teams to harden connectivity and data flow security.
AI-Enhanced Development \& Security
Define and document secure \& compliance standard of AI-assisted coding tools (e.g., GitHub Copilot, Augment, Cursor) to improve secure coding practices, reduce vulnerabilities, and accelerate automation.
Educate teams on secure usage of AI tools and their role in the secure software development lifecycle (SSDLC).
Requirements
Proven experience as a SecDevOps Engineer, Cloud Security Engineer, or Security-Focused Cloud Engineer with an Azure background.
Strong hands-on expertise with Azure services (AKS, AAD, Key Vault, Functions, Defender for Cloud, Sentinel).
Proficiency with AI coding/automation tools such as GitHub Copilot, Augment, or Cursor.
Strong knowledge of security frameworks (OWASP, CIS Benchmarks, NIST) and compliance standards (HIPAA, SOC 2, HiTrust).
Expertise in networking fundamentals and Azure network security (NSGs, VPNs, firewalls, private endpoints).
Infrastructure as Code (Terraform, Bicep, ARM) with emphasis on policy and compliance automation.
Solid knowledge of security tools for CI/CD integration (e.g., SonarQube, Snyk, WhiteSource, Checkmarx).
Proficiency in scripting (PowerShell, Bash, Python).
Solid understanding of cloud security principles (zero-trust, defense-in-depth, least privilege).
Experience with vulnerability management, incident response, and security monitoring in Azure.
Preferred
Azure Certifications (e.g., Azure Security Engineer Associate, Azure Solutions Architect Expert).
CCSP or CSSLP certification.
CompTIA Security+ or equivalent.
Experience with GitOps workflows for secure deployments.
Experience securing serverless and containerized workloads (Azure Functions, AKS).
“Nuvem provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, creed, religion, sex, gender, gender identity, gender expression, national origin, ancestry, age, physical or medical disability, medical condition, marital status, sexual orientation, military and/or veteran status, or any other basis prohibited by applicable state or federal law.”
Salary Description
$85,000.00 - $125,000.00