Security and Compliance Engineer

Job Summary

A company is looking for a Security and Compliance Engineer.

Key Responsibilities

• Perform in-depth security and risk assessments for services deployed on Azure and Power Platform
• Document risks in the Risk Register and ensure accurate linkage to corresponding remediation actions
• Collaborate with engineering teams to track progress on risk mitigation and provide technical guidance

Required Qualifications

• CISSP certification or equivalent (e.g., SANS GIAC certifications) is required
• 5+ years of hands-on experience with Azure, including familiarity with its security architecture and services
• 3+ years of experience in security assessments, threat modeling, and risk analysis
• 1+ year of experience in risk management, with knowledge of NIST CSF v2 or other relevant control frameworks
• Strong understanding of web application security, threats, and mitigation strategies