Information Systems Security Manager for Empower AI working on AROWS compliance and security inspection. Develops policies and procedures for information security and risk management.
About the role
- Cloud Security Engineer at Atreides focusing on Microsoft Azure security and maintaining a secure environment across cloud, endpoint, and infrastructure. Design security automation tools and manage incident response.
Responsibilities
- Design, build, and maintain security automation and tooling to enforce controls and simplify compliance.
- Build and manage identity & access management controls across cloud platforms and applications.
- Write and review Infrastructure-as-Code (Bicep/Terraform) for secure cloud configuration.
- Implement preventative and detective controls in Azure; automate remediation of alerts.
- Secure CI/CD pipelines, integrating results from SAST/DAST/SCA tools and ensuring supply chain integrity.
- Engineer solutions for Kubernetes security, focusing on RBAC, network policies, and runtime protection.
- Perform triage, containment, eradication, and recovery activities as part of incident response, ensuring threats are effectively mitigated.
- Develop and optimise security detections (Sentinel, KQL, YARA).
- Manage log sources, ingestion pipelines, and monitoring infrastructure.
- Conduct threat hunting and analysis to identify emerging risks.
- Lead and contribute to incident investigations, including post-mortem analysis and remediation actions.
- Identify, track, and remediate vulnerabilities across cloud, endpoint, and infrastructure.
- Implement controls from security assessments, audits, and architecture reviews.
- Support third-party risk assessments and vendor due diligence.
- Maintain documentation of security standards, runbooks, and procedures.
- Participate in security-related projects and lead implementation of new security solutions.
Requirements
- 3+ years in security engineering or security operations, ideally in cloud-first environments.
- Strong understanding of cloud security architecture with hands-on experience securing cloud infrastructure and services.
- Hands-on experience with the Azure security stack, including Microsoft Defender for Cloud (recommendations, alerts, Secure Score), Azure Policy, and related security tooling.
- Proficiency with SIEM platforms (Azure Sentinel preferred), developing detections and alerts, tuning rules, and investigating incidents.
- Proven incident response capability including triage, investigation, containment, eradication, and recovery.
- Practical experience integrating security into software and system development lifecycles.
- Experience with endpoint security solutions and MDM/EMM tools.
- Experience securing containerised environments (Kubernetes) and CI/CD pipelines.
- Proficiency in scripting and automation (PowerShell, Python, KQL, Bicep).
- Strong understanding of network security — protocols, firewalls, IDS/IPS, WAFs, and infrastructure hardening.
- Familiarity with incident response frameworks (NIST, SANS).
- Experience configuring and using cloud-native security logging, monitoring, and detection services.
- In-depth knowledge of security principles, attack vectors (OWASP Top 10, MITRE ATT&CK), and the threat landscape.
Benefits
- Comprehensive health, dental, and vision insurance plans
- Flexible hybrid work environment
- Additional benefits like flexible hours, work travel opportunities, competitive vacation time and parental leave
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
HSE Coordinator responsible for implementing health and safety policies for Veepee. Supporting workplace safety, fostering safety culture, and ensuring compliance in diverse sectors.
Customer Support Engineer providing technical support for mobile device security solutions. Responsible for ensuring customer satisfaction through collaboration with product and engineering teams.
Commercial Sales Executive responsible for promoting and selling Johnson Controls Security services in assigned territory. Securing profitable sales while ensuring customer retention and satisfaction.
Senior AppSec Engineer optimizing application security controls in Flutter's development ecosystem. Managing SAST/SCA tools and conducting vulnerability analyses in a hybrid work environment.
Senior Lead Information Security Office Consultant at Capital One, consulting on initiatives to enhance Information Security. Collaborating with technology teams to manage cyber security risks and ensure data protection.
Stage QSE en sécurité pour réviser le Document Unique d’Évaluation des Risques Professionnels. Accompagnement du Responsable QSE sur divers projets structurants.
Senior Security Data Scientist developing innovative AI solutions for security challenges at Desjardins Group. Collaborating on data analysis and monitoring initiatives to enhance security posture.
Cybersecurity Manager leading corporate - level cybersecurity strategy in hybrid DoW and commercial sectors. Responsible for securing space systems and managing risk across various platforms.
Program Security Officer overseeing security operations for T2S Solutions supporting classified satellite and mission operations. Managing compliance with DoD and Intelligence Community security requirements, enabling effective operations.