Sysgain Inc
Website: sysgain.com
Job details:
- Lead the deployment, configuration, and ongoing management of Microsoft Defender for Cloud, including secure score improvement, regulatory compliance mapping, and workload protection.
- Implement and manage Azure and M365 security tools, including Defender for Cloud, Microsoft Sentinel, Entra ID (Azure AD), Intune, Purview, and Conditional Access.
- Monitor, analyze, and respond to security alerts from Defender for Cloud, MDR vendors, and EDR platforms; perform investigation and root cause analysis.
- Configure and manage cloud security posture management (CSPM) and cloud workload protection (CWPP) capabilities within Defender for Cloud.
- Implement and maintain network security controls, including firewalls, VPNs, NSGs, WAFs, and Azure network segmentation.
- Manage identity and access governance across Azure AD and M365 using RBAC, MFA, and least-privilege principles.
- Conduct vulnerability assessments using Defender for Cloud recommendations and oversee remediation tracking.
- Perform security and compliance reviews across Azure and cloud workloads, ensuring alignment with Defender for Cloud regulatory standards (e.g., HIPAA, NIST).
- Maintain security documentation (data flow diagrams, network diagrams, runbooks) and support tabletop exercises.
- Participate in incident response and disaster recovery testing; ensure RTO/RPO objectives are met.
- Collaborate with IT and compliance teams to align with HIPAA, NIST, and SOC 2 standards.
- Stay current with emerging threats and continuously optimize Defender for Cloud configurations and security posture.
Required Skills & Experience:
- 3–5+ years of experience in security engineering, cloud security, or infrastructure security roles.
- Minimum 2+ years of hands-on experience with Microsoft Defender for Cloud (required).
- Strong expertise in Defender for Cloud, including CSPM, CWPP, secure score management, and regulatory compliance features.
- Hands-on experience securing Microsoft Azure environments and integrating security services across M365.
- Strong working knowledge of Microsoft Sentinel, Entra ID (Azure AD), Intune, Purview, and Conditional Access.
- Experience implementing and managing cloud and network security controls, including NSGs, WAFs, firewalls, and segmentation.
- Practical experience with identity and access management, including RBAC, MFA, and least-privilege principles in hybrid environments.
- Experience with security monitoring, incident response, and collaboration with MDR/EDR providers.
- Experience leveraging Defender for Cloud recommendations for vulnerability management and remediation tracking.
- Familiarity with regulatory frameworks such as HIPAA, NIST, and SOC 2 in regulated environments.
- Ability to work cross-functionally and communicate security risks effectively to both technical and non-technical stakeholders.
Contact:
- akbar.shah@sysgain.com
- 9154220598