This Job Vacancy has Expired!

Azure Security Architect

K2 Partnering Solutions Ltd

Posted on May 26, 2022 by K2 Partnering Solutions Ltd

Zürich, Switzerland
IT
Immediate Start
Annual Salary
Contract/Project

Lead Azure Security Architect - Zurich 3 days per week

Our client in Zurich, a global leader in the finance environment, is looking for an English-speaking Lead Security Engineer until end of 2022 (extension is possible). The project is a multi-year finance Transformation project, greenfield on MS azure with both cloud-native and Legacy components.

Job Responsibilities:

* Working with the Cyber Risk team to ensure the companys security standards are implemented. Documentation of the measures implemented

* Understand all infrastructure as code (IaC) artefacts in Azure DevOps, with specific focus on Kubernetes, Kafka, Zookeeper, NoSQL (eg Couchbase)

* Secure the CI/CD process for IaC and Microservice (Spring Boot, Python) deployments

* Understand and oversee operations of wide scanning tools such as Aqua, NexusIQ, Qualys etc

* Ensure compliance with requirements on Encryption at rest and in transit

* Design, implement and ensure best practices of AuthZ, eg via token rotation: both for human and non-human

* Design, implement and maintain secrets management

* Design and implement a security aspect for configuration management

* Work with developers to understand the security context of the apps and their interaction with Apache Kafka, candidate will design & own the implementation of how Kafka will be secured

* Secure the platform against unauthorized access: design and implement life cycle (non-prod vs prod) for data

* Consult with infrastructure teams on network layouts and negotiate with other network teams on integration/segregation topics

* Support and give guidance on the test driven development practices and the implementation thereof in the pipelines in a DevSecOps style

* Efficiently leverage Azure services for addressing security concerns (ie WAF)

* Own the integration with Azure Active Directory and IAM

* Continuously work with the teams to improve all components as the use-cases grow more complex

* Facilitate pen-tests with an external partnert

* Ensure compliance with the company wide digital governance framework, audit and various security technical standard

* Security Documentation for internal quality assurance and external audits

Skills:

* Public Cloud relevant experience with practical implementation of the security standards: OWASP 10, ISO/IEC 27002, ISO/IEC 17788

* Expert Knowledge of AuthN concepts and techniques, eg RBAC, ABAC

* Expert Knowledge of AuthZ frameowrks, techniques and tools (OAuth2)

* Strong and proven Automation experience with CI/CD in the public cloud using industry standards such as maven, gradle

* Expert Knowledge of git

* Knowledge of Kubernetes deployments (eg sidecar), container isolation, multi-tenancy and software defined networking

* Knowledge of static code scanning best practices

* Test driven development: understands semantics of unit tests and end to end integration tests and the imperative for continuous testing

* Worked with CI/CD for integration, migration and deployment: Experience in automated build, test & deploy with an explicit focus on state-management and state-handling

* Strong understanding of networks: especially how Layer 7 design needs to align with Layers 3-6 in the public cloud, Expert Knowledge of multi-cloud Firewall design

* Excellent communication in English, written and spoken

* Delegation and (self-)management skills for working in a flat and distributed team

* Encryption tools and techniques

* Strong Experience with "Infrastructure as Code"

* Linux OS (alpine, Ubuntu, SLES) and Unix

* Knowledge of micro-service architecture

Reference: 1608477773

Set up alerts to get notified of new vacancies.