Search Jobs

Job Description

• Serve as the subject matter expert for Azure security architecture, including network security groups, Azure Firewall, Private Link, Key Vault, and Defender for Cloud.
• Design, implement, and maintain security controls across Azure subscriptions, resource groups, and workloads in alignment with HIPAA and HITRUST requirements.
• Develop and enforce Azure Policy and Management Group guardrails to prevent configuration drift and ensure continuous compliance.
• Conduct security reviews of infrastructure-as-code (Terraform, Bicep, ARM) and integrate security checks into CI/CD pipelines.
• Monitor and optimize Azure Secure Score and remediate findings from Microsoft Defender for Cloud.

• Administer and secure the Microsoft Entra ID (Azure AD) environment, including Conditional Access policies, Privileged Identity Management (PIM), and role-based access control (RBAC).
• Design and enforce identity governance workflows such as access reviews, entitlement management, and lifecycle automation.
• Implement and manage single sign-on (SSO), multi-factor authentication (MFA), and passwordless authentication strategies.
• Investigate and respond to identity-based threats using Entra ID Protection risk signals and sign-in analytics.

• Deploy, tune, and manage the SIEM platform (e.g., Microsoft Sentinel, Splunk, or equivalent), including log source onboarding, parser development, and data normalization.
• Develop and maintain detection rules, analytics rules, and automated playbooks/SOAR workflows to identify and respond to threats.
• Perform threat hunting and investigation activities, correlating events across cloud, identity, endpoint, and network data sources.
• Continuously refine alert fidelity to reduce false positives and improve mean time to detect and respond.

• Own the end-to-end vulnerability management program, including scanning, prioritization, remediation tracking, and exception handling.
• Deploy and manage vulnerability scanning tools across infrastructure, cloud workloads, containers, and application layers.
• Partner with Engineering and IT teams to establish SLA-driven remediation workflows and track compliance against patching targets.
• Produce vulnerability metrics and risk reporting for leadership, auditors, and compliance stakeholders.

• Manage and optimize the enterprise antimalware and endpoint detection and response (EDR) platform across all endpoints and servers.
• Develop and maintain endpoint security policies, exclusion management, and response procedures.
• Investigate endpoint-based alerts, perform root cause analysis, and coordinate containment and remediation activities.
• Ensure endpoint security coverage meets SOC 2, HITRUST, and HIPAA control requirements.

• Implement and manage web filtering and content inspection solutions to enforce acceptable use policies and protect against web-based threats.
• Maintain URL categorization policies, SSL/TLS inspection rules, and exception workflows.
• Monitor web filtering logs for policy violations, data exfiltration indicators, and emerging threat patterns.
• Collaborate with IT and network teams to integrate web filtering into the broader secure access architecture.

• Provide technical evidence and subject matter expertise for SOC 2 and HITRUST audits related to security engineering controls.
• Participate in incident response activities, including forensic analysis, containment, and lessons-learned documentation.
• Evaluate and recommend new security tools and technologies, building business cases for investment.
• Mentor junior team members and contribute to internal knowledge sharing and documentation.
   

• 7+ years of progressive experience in information security engineering, security operations, or infrastructure security.
• Deep hands-on experience with Microsoft Azure security services, including Defender for Cloud, Azure Firewall, NSGs, Key Vault, and Azure Policy.
• Strong working knowledge of Microsoft Entra ID (Azure AD), including Conditional Access, PIM, RBAC, and identity governance.
• Demonstrated experience deploying and managing a SIEM platform (Microsoft Sentinel, Splunk, or equivalent), including detection engineering and log management.
• Proven experience building or running an enterprise vulnerability management program, including scanning tools, prioritization frameworks, and remediation tracking.
• Hands-on experience managing antimalware and EDR solutions (e.g., Microsoft Defender for Endpoint, CrowdStrike, SentinelOne).
• Experience implementing and managing web filtering or secure web gateway solutions (e.g., Zscaler, Netskope, Microsoft Defender for Cloud Apps).
• Working knowledge of HIPAA Security Rule requirements and experience operating in a healthcare-regulated environment.
• Strong scripting and automation skills (PowerShell, Python, KQL, or equivalent) for security tooling and operations.
• Excellent communication skills with the ability to translate technical findings for compliance, audit, and leadership audiences.
• Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).

• Experience with Desktop-as-a-Service (DaaS) environments such as Azure Virtual Desktop, Windows 365, or Citrix, including endpoint security and access controls in virtual desktop architectures.
• Experience applying AI and machine learning to security operations, such as AI-driven threat detection, automated triage, LLM-powered security tooling, or AI-assisted vulnerability prioritization.
• Familiarity with security considerations for AI/ML workloads, including model security, prompt injection prevention, and data pipeline protection.
• Experience with Vanta or similar GRC automation platforms from a technical integration and evidence-collection perspective.
• Professional certifications such as AZ-500 (Azure Security Engineer), SC-200 (Security Operations Analyst), CISSP, GCIA, GCIH, or OSCP.
• Experience supporting SOC 2 and/or HITRUST audits from a security engineering perspective.
• Familiarity with zero trust architecture principles and implementation.
• Experience with infrastructure-as-code security scanning and DevSecOps pipeline integration.

• Remote - Within the United States and reliable high-speed internet but preference is to be based in, or within a commutable distance of our Dallas, TX office for occasional in-person meetings
• Multiple medical plan options 
• Health Savings Account with company contributions
• Dental & vision coverage for you and your dependents
• 401k with Company match
• Vacation, sick time & Company paid holidays
• Company wellbeing program with health insurance incentives