Azure Devops Security Engineer

Azure : DevOps Security Engineer

• Position Type: Full-Time
• Job Location: United States : Remote
• Experience: 7+ years
• Role Type : Contract / CTH / Full Time

• Must have Skills :
• Azure DevOps Security , Azure Active Directory (AAD ) ,CI/CD , Azure Kubernetes ,AKS Azure: Pipeline Security , Secrets Management , Infrastructure as Code or IaC
• Scripting languages ( PowerShell, Bash).
• Automation and configuration management tools ( Terraform, Ansible).

Position Overview:

We are seeking a highly skilled and experienced Azure DevOps Security Engineer to join our dynamic team. The ideal candidate will be responsible for implementing, managing, and operating scalable, highly available, and fault-tolerant systems on Azure. They will also be responsible for automating and supporting our software development and deployment processes, with a focus on ensuring security at every stage.

Key Responsibilities:

• Ensure the security of the Azure DevOps environment: Develop and implement comprehensive security strategies to protect Azure DevOps resources, ensuring they are secure against potential threats and vulnerabilities.
• Conduct regular security assessments and audits to identify and fix risks: Perform ongoing security evaluations and audits to uncover and mitigate security risks, ensuring compliance with industry standards and best practices.
• Define and manage Role-Based Access Control (RBAC) policies for secure access: Establish and oversee RBAC policies to control and regulate access to Azure DevOps resources, ensuring that only authorized users and groups have the appropriate levels of access.
• Integrate Azure DevOps with Azure Active Directory for user authentication: Seamlessly connect Azure DevOps with Azure Active Directory to enable secure user authentication and authorization, managing user identities, access policies, and directory synchronization.
• Implement security measures for CI/CD pipelines to prevent unauthorized access: Design and enforce robust security protocols for Continuous Integration/Continuous Deployment (CI/CD) pipelines to prevent unauthorized access and potential code injection attacks.
• Securely manage sensitive information like API keys and passwords within pipelines: Utilize best practices and tools to securely store and manage sensitive information such as API keys, passwords, and certificates within Azure DevOps pipelines, ensuring secure retrieval and usage.
• Apply security measures to artifacts stored in Azure Artifacts to prevent tampering: Implement and maintain security protocols to protect artifacts and packages stored in Azure Artifacts, preventing unauthorized access and tampering.
• Use best practices for managing and deploying infrastructure with Infrastructure as Code (IaC) tools: Implement and adhere to security best practices when managing and deploying infrastructure using Azure Resource Manager templates or other IaC tools, conducting thorough security reviews of configurations and deployments.
• Continuously monitor Azure DevOps activities and respond to security incidents in real-time: Establish and maintain continuous monitoring systems to track Azure DevOps activities, pipelines, and resources, enabling rapid detection and response to security incidents or anomalies.
• Maintain detailed logs and audits of user activities and access controls to meet compliance requirements: Ensure comprehensive logging and auditing of user activities, changes, and access controls within Azure DevOps, meeting regulatory and compliance requirements while providing a clear audit trail for security purposes.

Qualifications:

• Bachelor's degree in Computer Science, Engineering, or related field, or equivalent work experience.
• Strong experience with Azure and its various services (e.g., Azure DevOps, Azure Kubernetes Service, Azure Functions).
• Proficiency in scripting languages (e.g., PowerShell, Bash).
• Experience with automation and configuration management tools (e.g., Terraform, Ansible).
• Knowledge of best practices and IT operations in an always-up, always-available service.
• Experience with or knowledge of Agile Software Development methodologies.
• Excellent problem-solving and troubleshooting skills.
• Strong communication and collaboration skills.
• MongoDB setup and management experience is a plus.

Preferred Skills:

• Certifications in Azure (e.g., Azure DevOps Engineer Expert, Azure Administrator Associate).
• Experience with containerization and orchestration technologies (e.g., Docker, Kubernetes).
• Familiarity with monitoring tools (e.g., Azure Monitor, Log Analytics).
• Understanding of network fundamentals (TCP/IP, DNS, VPNs, etc.).