Azure Security Engineer
Role summary
This 12-month contract role for an Azure Security Engineer focuses on operationalizing NIST SP 800-53 controls within an Azure Public Cloud environment. The engineer will implement and validate controls, translate security requirements into Azure configurations, and provide technical guidance to engineering and cybersecurity teams. Key responsibilities include managing identity, network security, encryption, logging, and leveraging Microsoft security solutions like Defender and Sentinel. The role requires 5+ years of Azure security experience, deep knowledge of NIST SP 800-53 and RMF, and experience supporting regulated environments and audit processes.
Job Title-- Azure Security Engineer
Assignment Duration-- 12 Months Contract to Start
Work Location-- New York, NY
Work Schedule-- M-F, 8:00 AM-5:00 PM
Onsite Expectations-- 4 days per week in the office.
Summary:
This role requires strong Azure technical depth, comprehensive knowledge of Microsoft security controls, and the ability to both execute hands-on security configurations and guide cross-functional teams in operationalizing compliance.
Azure Security Engineer – Azure Public Cloud Role Overview Hands-on Security Engineer supporting the operationalization of NIST SP 800-53 controls within an Azure Public Cloud environment. Responsible for implementing and validating NIST SP 800-53 controls while guiding Cloud Engineering and Cybersecurity teams to ensure secure, complaint, and audit-ready deployments aligned to ATO and continuous monitoring requirements. Must have deep knowledge of Microsoft security capabilities, including the full Defender suite.
Key Responsibilities:
- Support implementation and operationalization of NIST SP 800-53 controls in Azure Public Cloud.
- Translate NIST SP 800-53 and RMF requirements into Azure-native configurations, guardrails, and engineering backlog items.
- Provide technical security guidance to Cloud Engineering, DevOps, Infrastructure, and Cyber teams to ensure compliant architectures and deployments.
- Implement and validate controls across: o Microsoft Entra ID (RBAC, PIM, Conditional Access, identity governance) o Azure Policy and governance initiatives o Network security (NSGs, Azure Firewall, Private Endpoints, segmentation) o Encryption and key management (Key Vault, CMK, TLS) Logging, monitoring, and SIEM integrations.
- Leverage and configure Microsoft security solutions including: o Microsoft Defender for Cloud o Defender for Endpoint o Defender for Identity o Defender for Office 365 o Defender for Cloud Apps Microsoft Sentinel.
- Contribute to SSP updates, control narratives, evidence collection, and POA&M tracking.
- Perform control gap assessments and support remediation execution.
- Support independent assessments and ongoing continuous monitoring activities.
Required Qualifications:
- 5+ years in security engineering with strong Azure Public Cloud security experience.
- Direct experience supporting regulated high- or moderate-baseline cloud environments.
- Deep working knowledge of NIST SP 800-53 and RMF.
- Strong expertise across Microsoft security controls and the Microsoft Defender ecosystem.
- Experience supporting audit readiness and ATO lifecycle processes.
Preferred
:
- Azure Security Engineer Associate (AZ-500) or equivalent.
- CISSP, CCSP, CAP, or similar certification.
- Experience automating compliance using Azure Policy, ARM/Bicep, or Terraform.
- Familiarity with Zero Trust architecture in Microsoft environments.
Similar roles
- Senior Azure Security EngineerApplied Technical Services LLC · Marietta, Georgia, United States · Onsite
Azure Security EngineerTata Consultancy Services · Chicago, Illinois, United States · Onsite
Azure Security EngineerTechies Group · Chicago, Illinois, United States · Onsite- Azure Security EngineerTata Consultancy Services · Chicago, Illinois, United States · Onsite
- Azure Security EngineerAmerican business solutions inc · New York, United States · Onsite
