This Job Vacancy has Expired!

Azure Security Architect

K2 Partnering Solutions Ltd

Posted on May 26, 2022 by K2 Partnering Solutions Ltd

Zürich, Switzerland
Immediate Start
Annual Salary

Lead Azure Security Architect - Zurich 3 days per week

Our client in Zurich, a global leader in the finance environment, is looking for an English-speaking Lead Security Engineer until end of 2022 (extension is possible). The project is a multi-year finance Transformation project, greenfield on MS azure with both cloud-native and Legacy components.

Job Responsibilities:

* Working with the Cyber Risk team to ensure the companys security standards are implemented. Documentation of the measures implemented

* Understand all infrastructure as code (IaC) artefacts in Azure DevOps, with specific focus on Kubernetes, Kafka, Zookeeper, NoSQL (eg Couchbase)

* Secure the CI/CD process for IaC and Microservice (Spring Boot, Python) deployments

* Understand and oversee operations of wide scanning tools such as Aqua, NexusIQ, Qualys etc

* Ensure compliance with requirements on Encryption at rest and in transit

* Design, implement and ensure best practices of AuthZ, eg via token rotation: both for human and non-human

* Design, implement and maintain secrets management

* Design and implement a security aspect for configuration management

* Work with developers to understand the security context of the apps and their interaction with Apache Kafka, candidate will design & own the implementation of how Kafka will be secured

* Secure the platform against unauthorized access: design and implement life cycle (non-prod vs prod) for data

* Consult with infrastructure teams on network layouts and negotiate with other network teams on integration/segregation topics

* Support and give guidance on the test driven development practices and the implementation thereof in the pipelines in a DevSecOps style

* Efficiently leverage Azure services for addressing security concerns (ie WAF)

* Own the integration with Azure Active Directory and IAM

* Continuously work with the teams to improve all components as the use-cases grow more complex

* Facilitate pen-tests with an external partnert

* Ensure compliance with the company wide digital governance framework, audit and various security technical standard

* Security Documentation for internal quality assurance and external audits


* Public Cloud relevant experience with practical implementation of the security standards: OWASP 10, ISO/IEC 27002, ISO/IEC 17788

* Expert Knowledge of AuthN concepts and techniques, eg RBAC, ABAC

* Expert Knowledge of AuthZ frameowrks, techniques and tools (OAuth2)

* Strong and proven Automation experience with CI/CD in the public cloud using industry standards such as maven, gradle

* Expert Knowledge of git

* Knowledge of Kubernetes deployments (eg sidecar), container isolation, multi-tenancy and software defined networking

* Knowledge of static code scanning best practices

* Test driven development: understands semantics of unit tests and end to end integration tests and the imperative for continuous testing

* Worked with CI/CD for integration, migration and deployment: Experience in automated build, test & deploy with an explicit focus on state-management and state-handling

* Strong understanding of networks: especially how Layer 7 design needs to align with Layers 3-6 in the public cloud, Expert Knowledge of multi-cloud Firewall design

* Excellent communication in English, written and spoken

* Delegation and (self-)management skills for working in a flat and distributed team

* Encryption tools and techniques

* Strong Experience with "Infrastructure as Code"

* Linux OS (alpine, Ubuntu, SLES) and Unix

* Knowledge of micro-service architecture

Reference: 1608477773

Set up alerts to get notified of new vacancies.