Security and Compliance Engineer

Job Summary

A company is looking for a Security and Compliance Engineer to protect cloud services and ensure compliance with security standards.

Key Responsibilities

• Conduct in-depth security and risk assessments for cloud-based services
• Document and manage risks within a centralized Risk Register
• Collaborate with engineering teams to implement effective risk mitigation strategies

Required Qualifications

• CISSP certification or equivalent (e.g., SANS GIAC certifications)
• 5+ years of hands-on experience with Azure, including its security architecture and services
• 3+ years of experience in security assessments, threat modeling, and risk analysis
• 1+ year of experience in risk management, with knowledge of NIST CSF v2 or other control frameworks
• Strong understanding of web application security threats and mitigation techniques