Senior Azure Cloud Security Engineer

Group 107

  • Neuquén
  • Permanente
  • Tiempo completo
  • Hace 15 horas
IMTC is looking for a Senior Azure Cloud Security Engineer to strengthen and scale our cloud network security capabilities across a distributed engineering organization operating in the US, Europe, and Latin America.
This is an opportunity to take meaningful ownership within a mature, Azure-native security practice at a company redefining fixed income technology.
You will work closely with engineering leadership and the CTO to advance our Azure network architecture, deepen our zero-trust posture, and ensure our security program continues to meet the rigorous expectations of enterprise clients and regulatory auditors alike.
You will be a key voice in client-facing security reviews and enterprise onboarding engagements.
Requirements
5+ years of experience in cloud infrastructure or security engineering, with at least 3 years focused on Microsoft Azure
Deep hands-on expertise with Azure Firewall Premium, NSGs, Private Link, VNet peering, and hub-spoke / VWAN topology
Strong working knowledge of Entra ID (Azure AD), Conditional Access, and Privileged Identity Management (PIM), and managed identities
Proven experience integrating external identity providers (e.g., Okta, Ping Identity, Auth0) with Azure AD / Entra ID using SAML, OIDC, or OAuth 2.0
Experience operating Microsoft Defender for Cloud and Microsoft Sentinel (SIEM/SOAR)
Solid grounding in zero-trust architecture principles and practical implementation in an Azure-native environment
Hands-on experience with SOC 2 — producing evidence, working with auditors, and owning control domains
Experience supporting enterprise client security reviews or completing vendor DDQs
Comfortable working in a fast-paced, distributed engineering team using agile methodologies and DevOps practices
English – Advanced (C1)+
Nice to have
Experience with IaC tools (Terraform, Bicep, or ARM templates) is a strong advantage
Background in financial services, FinTech, or regulated industries is a strong advantage
Relevant certifications (AZ-500, SC-100, SC-200, CISSP, CCSP) are a plus but not required
Responsibilities
Own and continuously improve IMTC's Azure network architecture, including VNet topology (hub-spoke or VWAN), NSGs, Azure Firewall Premium, and Private Link / Private Endpoints
Drive the maturation of our zero-trust security model across the Azure environment, including Entra ID Conditional Access, PIM, and workload identity management
Operate and enhance Microsoft Defender for Cloud and Microsoft Sentinel — tuning detection, managing incidents, and improving coverage
Maintain and strengthen network security controls aligned with SOC 2 Type II (CC6/CC7) requirements
Produce and maintain security documentation, including network diagrams, data flow maps, and evidence packs for auditors and enterprise client due diligence questionnaires (DDQs)
Evaluate and govern ExpressRoute / VPN Gateway configurations for the client-dedicated connectivity
Design and manage integrations with external identity and authentication providers (e.g., Okta, Ping Identity, Auth0), including SAML, OIDC, and OAuth 2.0 federation with Entra ID
Partner with full-stack engineering teams to embed security practices into CI/CD pipelines and DevOps workflows
Serve as a technical authority on cloud security architecture in client security reviews and enterprise onboarding engagements
Proactively assess and advance our cloud security posture as the client scales and infrastructure complexity grows
Please apply
We look forward to reviewing your application.
#J--Ljbffr

Buscojobs