Responsibilities Hexagon’s Asset Lifecycle Intelligence division(Hexagon) is seeking an experienced Azure Security Engineer with a background in on-premises or cloud environments. In this role, you will leverage your extensive knowledge to secure our Azure environment by designing, implementing, and maintaining advanced security features. Your innovative approach to cloud security, combined with hands-on skills such as testing or scripting, will be essential in fortifying our security measures and ensuring robust protection across our infrastructure. As an Azure Security Engineer, you will partner with development teams and site reliability engineers (SRE) to establish secure development and deployment practices. You will oversee the migration of AWS infrastructure to Azure, improve advanced logging and SIEM solutions, and create security solutions. Your responsibilities will also include conducting security assessments, creating dashboards or reports, and coordinating with external penetration testers. This role offers an exciting opportunity to grow and make a significant impact in a dynamic and evolving environment. If you are a seasoned IT professional with a passion for cloud security, we encourage you to apply. Help design and implement secure system architectures, ensuring compliance with regulations and standards while managing business and security risks. Collaborate closely with development teams to implement secure, efficient code and deployment strategies. Ensure security checks are integrated into CI/CD pipelines using tools like Azure DevOps Security to catch vulnerabilities early. Develop, test, and deliver security policy as code using public container platform services. Monitor, analyze, and respond to security incidents with logging and SIEM; provide security guidance to project teams and SREs and assist in the remediation of security issues. Actively participate in continuous learning to ensure the latest security trends are integrated into Azure environments. Understand industry standard controls such as CIS, NIST, GDPR, ISO, and CSA CCM, and review cloud service configurations to ensure compliance with best practices and policies. Qualifications 4+ years of experience with cloud-specific technologies such as Azure and Kubernetes. Proven experience in a Cloud Infrastructure Engineering/Platform Engineer/Security Engineer role, deploying and maintaining large-scale public cloud services. Strong scripting skills in any language to read and improve existing security scripts and configurations. Experience in provisioning security policy as code (IaC) tools such as Terraform to enforce secure code practices and guidelines. Practical cloud security experience, particularly in monitoring, analyzing, and responding to security incidents. Strong communication skills, both verbal and written, with the ability to convey complex technical concepts to non-technical stakeholders. Up-to-date knowledge of the latest security trends, vulnerabilities, and technology advancements. Sound knowledge of Identity and Access Management techniques (Azure AD, RBAC, Identity Protection, PIM, SSO). In-depth knowledge of application security principles, secure coding practices, and common security frameworks (OWASP, NIST, etc.). Preferred Deep understanding of container security in platforms such as Kubernetes. Familiarity with tools such as Azure Security Center, AWS Inspector, Qualys, Nessus, Azure DevOps Security, GitHub Security Lab, OWASP ZAP, Burp Suite, Azure Policy, AWS Config, and CSPM solutions. Relevant certifications such as Microsoft Certified: Azure Security Engineer Associate, Certified Kubernetes Administrator (CKA), or equivalent. Hands-on experience in scripting languages such as PowerShell, Python, or Bash. Experience coordinating with external penetration testers or red teams. Proven ability to perform regular vulnerability scans and remediate findings. Good networking knowledge (next-gen firewalls, Layer 3 – 7 security, edge security, TLS/mTLS). Experience conducting incident response drills and tabletop exercises. Hexagon will not sponsor applicants for a work visa for this position.
#LI-EW1 #LI-REMOTE
CI/CD Infrastructure as Code (IaC) aws-config Python powershell Terraform Amazon Web Services (AWS) RBAC OWASP single-sign-on Cloud Security Posture Management Burp Suite Kubernetes azure-security Azure DevOps pim qualys Bash nessus azure-security-center azure-policy