Lead Software Engineer, Cloud Security

1. Implement and manage access control measures to ensure only authorized users have access to sensitive information. This involves configuring Entra, Azure IAM, and Azure AD B2C.
2. Secure and manage Microsoft 365 services using the Microsoft Defender.
3. Implement and manage security policies and configurations in Microsoft 365.
4. Implement data protection measures, DLP using Microsoft Purview.
5. Administer and secure Azure environments using Azure Policies.
6. Analyze and act on security recommendations from various Defender for Cloud products.
7. Perform a review of Azure infrastructure and provide security recommendations.
8. Writing automation using various scripting frameworks such as PowerShell, python, and various automation tools. 
9. Collaborate with different operations and engineering teams to drive the implementation of various security measures. 

1. Formal Education in Cyber Security – demonstrated through certifications. 
2. Basic proficiency in different domains of information security, such as Vulnerability Assessments and penetration testing of web and mobile applications, Security principles, Incident Response, BCP & DR, Access Control, Network Security, and security operations.
3. Advanced proficiency in securing and managing Microsoft 365 services, including Entra, using the Defender portal.
4. Exposure to Microsoft Purview including AI-Hub, Label, SIT, and DLP policies.
5. Hands-on experience in administering and securing Azure environments using Azure Policies and various Defender for cloud products.
6. Hands-on experience in Azure Networking services like VNET, DNS, NSG, Front Door, Private links, etc.
7. Writing KQL and Graph queries with Strong analytical skills to interpret security data and develop actionable insights. 
8. Knowledge of Microsoft Sentinel/XDR, Threat Intelligence and threat-hunting expenses.
9. Understanding of OWAPS Top 10, Zero Trust principle.
10. Experience with Azure Automation, PowerShell, and Python scripting would be an added advantage   

Experience:

7 to 11 years of experience in information security with hands-on experience with Microsoft Defender and Defender for Cloud

Certifications:

1. Preferred to have Microsoft and Azure certifications like AZ-500, SC-200, SC-300, SC-400, SC-100, 
2. ISC2 CC (Certified in Cybersecurity) is recommended