Azure Platform Security Consultant

Capgemini is seeking experienced Azure Platform Security professionals to join our dynamic team. In this role, you will be instrumental in architecting, implementing, and continuously monitoring robust security controls across cloud and hybrid environments. Your primary focus will be to safeguard our clients' critical infrastructure, sensitive data, and digital identities.

Key Responsibilities

• Security Architecture: Design and implement secure foundational architectures and landing zones tailored for both hybrid and public cloud deployments.
• Threat Detection & Response: Configure and optimize Microsoft Sentinel for Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) capabilities. This includes developing custom Kusto Query Language (KQL) queries, automated playbooks, and insightful dashboards to streamline incident response processes.
• Posture Management: Utilize Microsoft Defender for Cloud to establish and enforce security baselines, conduct thorough vulnerability assessments, and ensure adherence to critical compliance frameworks such as GDPR and ISO 27001.
• Identity & Access Management (IAM): Architect and administer Microsoft Entra ID (formerly Azure AD) solutions, focusing on implementing robust security measures like Conditional Access policies, Privileged Identity Management (PIM), and Multi-Factor Authentication (MFA).
• Network Security: Design and deploy secure network segmentation strategies leveraging Azure Firewall, Virtual Network (VNet) peering, and private endpoints to enhance network resilience.

Required Technical Skills

• Core Security Tools: Demonstrated expertise with Microsoft Sentinel, Microsoft Defender for Cloud, and Azure Key Vault for comprehensive encryption and key management solutions.
• Automation & Infrastructure as Code (IaC): Proficiency in utilizing Terraform, Bicep, or ARM templates to integrate security principles into CI/CD pipelines, promoting a "security-by-design" approach.
• Scripting: Strong practical experience with scripting languages including PowerShell, Python, and Kusto Query Language (KQL).
• Endpoints: Hands-on experience with Microsoft Intune for effective endpoint security management and policy enforcement.

Experience & Qualifications

Experience Levels:

• Engineer: 3 to 6 years of relevant experience.
• Specialist/Architect: 6 to 8+ years of experience, with a minimum of 3 years dedicated to cloud security architecture.

Certifications (Highly Preferred):

• AZ-500: Microsoft Azure Security Engineer Associate
• SC-100: Microsoft Cybersecurity Architect Expert
• SC-200: Microsoft Security Operations Analyst or SC-300: Microsoft Identity and Access Administrator