Job Opening For Cloud Security Engineer With Our Banking Client!!

Job Title: Cloud Security Engineer (Azure) / Information Security IVLocation: New York, NY (Onsite 4+ days per week)Duration: 12 months with possible extension or conversionPay range: $90-95/hr on W2Overview:We are seeking a Cloud Security Engineer with strong Client Azure security expertise to support the implementation and operationalization of NIST SP 800-53 security controls within an Azure Public Cloud environment. This role involves working closely with Cloud Engineering, DevOps, and Cybersecurity teams to ensure secure, compliant, and audit-ready cloud deployments aligned with ATO and continuous monitoring requirements.Responsibilities:

• Implement and operationalize NIST SP 800-53 security controls in Azure Public Cloud environments.
• Translate NIST and RMF requirements into Azure-native configurations, governance guardrails, and engineering backlog items.
• Provide technical security guidance to Cloud Engineering, DevOps, Infrastructure, and Cyber teams.
• Implement and validate security controls across Client Entra ID including RBAC, PIM, Conditional Access, and Identity Governance.
• Configure Azure security controls such as Azure Policy, NSGs, Azure Firewall, Private Endpoints, and segmentation.
• Manage encryption and key management using Azure Key Vault, CMK, and TLS.
• Implement logging, monitoring, and SIEM integrations using Client Sentinel.
• Configure and manage Client Defender security solutions including Defender for Cloud, Endpoint, Identity, Office 365, and Cloud Apps.
• Perform control gap assessments and support remediation activities.
• Support security audits, compliance documentation, SSP updates, and POA&M tracking.

Must have:

• Strong experience with Azure Public Cloud security engineering.
• Hands-on experience implementing NIST SP 800-53 security controls.
• Knowledge of Risk Management Framework (RMF).
• Experience with Client Defender security ecosystem.
• Experience with Azure identity security (Client Entra ID, RBAC, PIM, Conditional Access).
• Experience implementing Azure network security controls (NSGs, Azure Firewall, Private Endpoints).
• Experience with logging, monitoring, and SIEM tools such as Client Sentinel.
• Experience supporting audit readiness, ATO processes, and compliance environments.
• Azure Security Engineer Associate (AZ-500) certification.
• CISSP, CCSP, CAP, or similar cybersecurity certifications.
• Experience with automation tools such as Terraform, ARM Templates, or Bicep.
• Familiarity with Zero Trust security architecture in Client environments.
• Experience working in regulated or high-security cloud environments.