In This Role

In this role, you will support a large, enterprise‑scale environment by driving security governance, policy development, and compliance execution across multiple services and cloud environments. You will partner closely with service owners, engineering teams, and security stakeholders to develop strong access controls, assess and remediate risk, implement monitoring, and automate routine security tasks. This position combines hands‑on technical security administration with programmatic oversight, ensuring compliance gaps are closed, privileged access is minimized, and security best practices are consistently applied across infrastructure and cloud platforms.

Responsibilities

Security Governance & Policy Development

• Design, document, and implement enterprise security policies in collaboration with service SMEs and business units.
• Build policies and practices that scale across multiple services and Azure subscriptions.
• Develop and implement controls that enforce least‑privilege access while ensuring business continuity.
• Create policies supporting separation of duties for privileged functions.
• Identify, document, and escalate areas of risk to appropriate stakeholders.

Compliance, Auditing & Risk Reduction

• Review compliance reports and track remediation work needed to close security gaps.
• Audit logs, permissions, and privileged access groups; document findings and implement mitigation steps.
• Conduct regular reviews of infrastructure services to identify risks and drive remediation with partner teams.
• Collect requirements for new compliance metrics, communicate transition plans, and track progress through completion.

Security Operations & Advisory Work

• Provide ad hoc consultation on security best practices related to infrastructure, Azure services, data handling, and user permissions.
• Advise engineering teams on secure system design; escalate issues and collaborate with security partners to align on solutions.
• Support service teams in responding to security events, analyzing logs, and driving remediation efforts.

Automation & Monitoring

• Automate recurring security processes and tasks to improve consistency and reduce manual effort.
• Design and implement monitoring solutions to detect changes in privileged groups and critical systems.
• Work through project backlogs related to security enhancements, automation rollout, and policy implementation.

• 8+ years experience in IT and security administration roles.
• 5+ years experience with Azure services and Azure security concepts.
• 5+ years experience in identity and policy management.
• 8+ years experience with Windows, SQL Server, and network security administration.
• Strong understanding of enterprise security principles, governance, and least‑privilege models.
• Experience auditing permissions, analyzing logs, and remediating security gaps.
• Ability to collaborate with cross‑functional engineering and operations teams.

• Experience with threat modeling methodologies or tools.
• Prior experience working in large, complex enterprise environments.
• Familiarity with building scalable security controls across multi‑subscription or multi‑service cloud environments.
• Experience developing automation for security operations (e.g., PowerShell, Azure automation, policy‑as‑code).
• Strong documentation and communication skills for policy creation and stakeholder alignment.