Job Specifications
Overview: We are seeking a seasoned Azure Cloud Security Expert to lead security posture reviews and provide expert guidance across our Microsoft Azure environments. This role focuses on evaluating technical configurations, identifying risk, and advising stakeholders on cloud-native hardening strategies and control implementation.
Key Responsibilities:
Conduct in-depth security posture assessments across Azure tenants, subscriptions, and resource groups
Provide expert recommendations on secure implementation of Azure services (e.g., App Services, AKS, Key Vault, Storage Accounts, etc.)
Guide hardening initiatives using Azure Policy and customized security baselines
Review and assess Azure networking configurations (NSGs, ASGs, NAT Gateway, Private Endpoints, Azure Firewall, etc.) to identify misconfigurations and exposure
Evaluate and improve identity governance via Entra ID, Conditional Access, and Privileged Identity Management (PIM)
Deploy and interpret signals from Microsoft Defender for Cloud, Defender for Identity to support assessment activities
Identify and document control gaps based on frameworks such as ISO 27001, NIST CSF, and CIS Benchmarks
Collaborate with platform, DevOps, and architecture teams to review infrastructure and CI/CD pipelines, identifying security gaps and advising on secure-by-design improvements
Assess the implementation of Azure-native workload protection and CNAPP capabilities, providing recommendations to strengthen posture and ensure alignment with best practices
Required Skills & Experience:
5+ years of proven experience in Azure Cloud Security, including architecture reviews, posture assessments, and advisory engagements
Deep understanding of Azure IaaS/PaaS services and their secure configuration
Hands-on experience with the Microsoft-native security stack (Defender suite, Sentinel, Entra, Azure Monitor)
Familiarity with CNAPP capabilities through Azure-native solutions or third-party platforms
Strong command of Azure RBAC, role design, and just-in-time access governance
Ability to translate assessment findings into actionable remediation strategies and engage both technical and leadership stakeholders
Relevant certifications such as AZ-500, SC-100, or Microsoft Cybersecurity Architect are a strong plus
About the Company
DXC Technology is a Fortune 500 global IT services leader. Our more than 130,000 people in 70-plus countries are entrusted by our customers to deliver what matters most. We use the power of technology to deliver mission critical IT services across the Enterprise Technology Stack to drive business impact. DXC is an employer of choice with strong values, and fosters a culture of inclusion, belonging and corporate citizenship. We are DXC.
Know more