Job Description
Link Technologies (LinkTechConsulting.com), a Las Vegas-based IT consulting firm, is currently seeking a Microsoft Azure Security Assessment Consultant to join our team in Denver, CO.
JOB SUMMARY
This role will work with the business technologies information security team to conduct a comprehensive security assessment of our Microsoft Azure environment, identify security gaps, and provide actionable recommendations to enhance overall security posture, governance, and compliance.
REQUIREMENTS
- Five (5) years of hands-on Azure experience, whether in administration, engineering, architecture, or security, is strongly preferred.
RESPONSIBILITIES
- Evaluate Architecture:
  - Review the Azure cloud architecture to identify potential security design flaws.
  - Assess alignment with Microsoft’s Cloud Adoption Framework, NIST CSF, and Zero Trust principles.
- Recommend Azure Security Policies:
  - Recommend security baselines and Azure Policy definitions for security hardening.
  - Identify and suggest policy initiatives (built-in and custom).
- Design CrowdStrike Cloud Sensors and Connectors:
  - Assist with architecture and deployment planning for CrowdStrike sensors or connectors to enable real-time visibility and protection of cloud workloads, containers, and other Azure systems.
- Validate the Azure and Defender Ecosystem:
  - Ensure CrowdStrike integrates effectively with Azure native tools such as Microsoft Defender for Cloud and Sentinel for event correlation, alerting, and incident response.
- Policy and Configuration Review:
  - Review and recommend CrowdStrike policies to align with cloud security best practices (e.g., runtime protection, vulnerability detection, identity protection).
- Enable Continuous Monitoring and Alerts:
  - Recommend dashboards, alert thresholds, and define escalation paths for cloud-specific threat detections within the CrowdStrike console.
- Knowledge Transfer and Documentation:
  - Provide documentation and a walkthrough on how to monitor, maintain, and respond to alerts generated by CrowdStrike within the Azure environment.
- Review Firewall Rules and NSGs
  - Analyze Firewall and Network Security Group (NSG) configurations.
  - Identify overly permissive rules or potential misconfigurations.
  - Recommend remediation and segmentation improvements.
- Role-Based Access Control (RBAC)
  - Evaluate existing RBAC assignments for “least privilege” adherence.
  - Identify use of overly broad role assignments.
  - Recommend custom roles where applicable.
- Privileged Identity Management (PIM)
  - Review implementation of Azure AD PIM.
  - Validate configuration of just-in-time (JIT) access and approval workflows.
  - Ensure administrative access is limited and monitored.
- Review Remote Access Methods:
  - Assess all methods used to access Azure and connected resources remotely (e.g., VPN, Bastion, Just-in-Time VM access, remote desktop protocols, Azure Arc).
  - Confirm that remote access events are being logged, retained, and monitored within Sentinel or other SIEM tools.
  - Validate alerting for unusual access behavior.
- Microsoft Defender for Cloud
  - Review Defender for Cloud configuration and coverage.
  - Validate security recommendations and assess secure score posture.
  - Ensure threat protection capabilities are appropriately enabled.
- Network Security
  - Analyze Virtual Network (VNet) configurations and peering.
  - Review ExpressRoute, VPN Gateways, and perimeter controls.
  - Assess segmentation and network-level threat protection.
- Key Vault and Secrets Management
  - Assess Azure Key Vault access policies, RBAC integration, and use of managed identities.
  - Review expiration, rotation policies, and audit logging.
- Vulnerability Management
  - Evaluate available vulnerability scanning tools and make recommendations on the future state.
  - Review patch management practices and reporting.
- Resource Configuration Drift
  - Analyze tools or scripts in place to detect drift from desired configurations.
  - Recommend remediation and alerting mechanisms.
- Backups and Site Recovery
  - Review backup policies and configurations.
  - Evaluate replication and disaster recovery strategies for critical workloads.
- Log Collection and Alerting
  - Review diagnostic log collection configurations.
  - Validate log retention policies and storage accounts.
  - Review alert rules and action groups for completeness and relevance.
- Azure Sentinel Integration
  - Assess Azure Sentinel deployment and data connector coverage.
  - Review workbook, analytic rule, and incident configurations.
  - Validate SOAR (automation) playbooks and alert tuning.
- SQL and Azure Database Security
  - Verify that transparent data encryption (TDE), threat detection, auditing, and firewall settings are properly configured for all SQL and PaaS database resources.
  - Evaluate access control and use of Private Endpoints.
- CI/CD Pipeline Security
  - Review Azure DevOps or GitHub-based CI/CD pipelines.
  - Assess identity use, secrets management, and security scanning in pipelines.
  - Recommend improvements for code-to-cloud traceability and shift-left security.
Pay rate: $80-$95/hour
Link Technologies is an equal opportunity employer. All qualified applicants will receive consideration for employment without discrimination based on race, color, religion, sex, gender identity/expression, sexual orientation, national origin, protected veteran status, disability, or any other factors protected by law.