Software Development Engineer 3

Join our team to support and enhance the security posture and compliance readiness of cloud-based services hosted in Azure and Power Platform. This role involves conducting detailed security and risk assessments, driving remediation activities, analyzing compliance telemetry, and leveraging automation to scale secure engineering practices.

• CISSP certification or equivalent (e.g., SANS GIAC certifications).
• 5 years of hands-on experience with Azure, including familiarity with its security architecture and services.
• 3 years of experience in security assessments, threat modeling, and risk analysis.
• 1 year of experience in risk management, with working knowledge of NIST CSF v2 or other relevant control frameworks.
• Strong understanding of web application security, threats, and mitigation strategies.
• Demonstrated ability to provide security and compliance support across multiple teams.
• Experience using Azure Data Explorer (Kusto) for compliance and security telemetry analysis.
• Experience with automation tools (e.g., PowerShell, Azure Logic Apps, CI/CD integration, scripting) to enhance compliance and risk workflows.
• Excellent communication, collaboration, and analytical skills.

• Experience with secure code reviews and static/dynamic analysis tools.
• Hands-on experience securing Power Platform, including Canvas Apps and Dataverse.
• Familiarity with compliance automation frameworks or platforms (e.g., Azure Policy, Client Purview).

• Perform in-depth security and risk assessments for services deployed on Azure and Power Platform.
• Document risks in the Risk Register, ensuring accurate linkage to corresponding remediation actions.
• Collaborate with engineering teams to track progress on risk mitigation and ensure closure.
• Provide technical guidance and hands-on remediation support, including dedicated office hours.
• Capture and standardize remediation steps, building reusable guidance for future scenarios.
• Analyze security and compliance datasets using tools like Azure Data Explorer (Kusto) to surface insights and summarize risk impact.
• Leverage automation to streamline risk tracking, compliance validation, and remediation workflows.
• Support and participate in security and compliance campaigns, aligning efforts with corporate and division-wide priorities.
• Track and manage assigned work via Azure DevOps, providing timely updates and clear documentation.

We are committed to fostering an inclusive environment that values diversity and encourages individuals from all backgrounds to apply. Our culture promotes collaboration, innovation, and professional growth.

For immediate consideration, please click APPLY or contact me directly at ...