Vanguard

Senior Cloud Security Specialist – Microsoft Azure

full-time

Location Type: Hybrid

Location: Malvern; Arizona; North Carolina; United States

About the role

  • Act as a subject matter expert for Azure cloud security, providing hands-on leadership across detection, investigation, and response activities
  • Design, configure, and optimize Microsoft Defender for Cloud security controls, recommendations, and alerting
  • Monitor and investigate security events using Azure Activity Logs, Entra ID logs, network flow data, and workload telemetry
  • Design, implement, and tune Azure Web Application Firewall (WAF) protections to defend against OWASP Top 10 threats, bot activity, and application-layer attacks
  • Identify and analyze attack paths and exposure chains across Azure subscriptions, management groups, and hybrid environments
  • Integrate Azure security telemetry with CNAPP, SIEM, and SOAR platforms to enable end-to-end threat visibility
  • Assist in the development of automated response playbooks for identity, compute, and network-based incidents
  • Lead cloud-native incident response, including triage, containment, eradication, and recovery
  • Produce clear investigation reports, root cause analyses, and post-incident recommendations
  • Provide architectural guidance on secure Azure design, including identity, networking, workload isolation, and data protection
  • Partner with engineering teams to embed security controls into CI/CD pipelines and infrastructure-as-code workflows

Requirements

  • 7+ years of experience in cyber security, cyber investigations, cyber threat intelligence, or a combination of these three roles
  • Deep hands-on experience with Microsoft Azure security architecture, including Entra ID (Azure AD), RBAC, Azure Policy, VNets, Private Endpoints, and Azure Monitor
  • Expert-level knowledge of Microsoft Defender for Cloud, including CSPM, workload protection plans, secure score, and risk prioritization
  • Experience with Azure-native protection services such as Defender for Servers, Containers, Storage, SQL, and Key Vault
  • Strong investigation skills using cloud-native logs, behavioral analytics, and security telemetry
  • Familiarity with CNAPP platforms (e.g., Wiz, Prisma Cloud, Orca)
  • Knowledge of cloud security frameworks such as MITRE ATT&CK and CSA CCM
  • Experience with regulatory and compliance requirements (e.g., ISO 27001, GDPR, SOX) in cloud environments
  • Undergraduate degree in a technical discipline, Computer Science, or a related field required. Graduate degree preferred. CISSP preferred.
Benefits
  • Health insurance
  • 401(k)
  • Flexible working arrangements
  • Professional development opportunities
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
Azure cloud security, Microsoft Defender for Cloud, Azure Activity Logs, Azure Web Application Firewall, automated response playbooks, cyber security, cyber investigations, cyber threat intelligence, behavioral analytics, cloud-native logs
Soft Skills
leadership, investigation skills, clear communication, architectural guidance
Certifications
CISSP