Lead Azure AI Security Engineer

• 3+ years of experience in software development
• Bachelor's degree in Computer Science, Information Security, Engineering or equivalent practical experience
• Hands-on experience with Microsoft Azure services
• Strong understanding of cloud security concepts, Azure architecture and enterprise-scale cloud environments
• Practical experience with Microsoft Entra ID/Azure Active Directory, Microsoft Defender for Cloud and Microsoft Defender XDR
• Skills in Microsoft Sentinel, Microsoft Purview and Microsoft Intune
• Proficiency in Conditional Access, Identity Protection and Privileged Identity Management
• Competency in Key Vault, Azure Policy and Azure Monitor/Log Analytics
• Strong engineering background including experience with Active Directory, Microsoft Entra ID, Microsoft 365, Exchange Online and hybrid identity
• Security engineering experience in at least one business or technology domain along with participation in at least several production projects
• Understanding of software development lifecycle, DevOps/DevSecOps practices, cloud security assessment methodologies and secure-by-design principles
• Ability to work closely with developers, business analysts, QA engineers, architects, project managers, infrastructure and operations teams and to follow, maintain and improve defined security processes
• Practical understanding of AI-assisted productivity and automation including building or configuring AI agents, integrating LLMs with tools, APIs and workflows, prompt engineering and using AI tools securely with awareness of sensitive data handling
• Good communication skills and ability to explain security risks, technical decisions and remediation plans to both technical and non-technical stakeholders

Nice to have:

• Skills in scripting and automation using PowerShell, Python, Bash, Azure CLI, Terraform or Bicep
• Familiarity with SIEM/SOAR platforms, especially Microsoft Sentinel, KQL and Logic Apps
• Experience with CNAPP/CSPM/CWPP/CIEM tools such as Prisma Cloud, Wiz and Orca or Lacework, Check Point CloudGuard and CrowdStrike or Tenable and Rapid7
• Understanding of compliance frameworks such as ISO 27001, NIST and CIS Benchmarks or PCI DSS, HIPAA and HITRUST
• Knowledge of container and Kubernetes security including AKS, container registries and image scanning
• Familiarity with AI/LLM platforms such as Azure OpenAI, Azure AI Foundry and Microsoft Copilot Studio or Semantic Kernel, LangChain and AutoGen
• Understanding of AI security risks including data leakage, prompt injection, excessive agency and AI supply chain risks
• Experience implementing AI governance and secure AI usage policies aligned with frameworks such as NIST AI RMF, OWASP Top 10 for LLM Applications or ISO/IEC 42001
• Certifications: AZ-500, SC-100, SC-200, SC-300, SC-400, AZ-104, AZ-305, CISSP, CISM, CISA, CCSK, CCSP, SSCP, AI-900, AI-102, PL-900/PL-200

• Provide technical leadership and subject matter expertise in securing Azure and Microsoft cloud environments at enterprise scale
• Design, implement and improve security architecture across Azure, Microsoft 365, Microsoft Entra ID, hybrid and multi-cloud environments, with Azure as the primary cloud platform
• Work across key cloud security domains including CSPM/CNAPP, Identity and Access Management, Privileged Access Management, Data Protection and Data Loss Prevention, Microsoft Defender security stack, SIEM/SOAR, Business Continuity and Disaster Recovery, DevSecOps, container and Kubernetes security and policy-as-code
• Plan, design and implement security controls for cloud workloads, applications, infrastructure and data
• Collaborate with engineering, infrastructure, development, DevOps, database, operations and compliance teams to embed security into the full delivery lifecycle
• Support implementation and continuous improvement of Zero Trust architecture, secure authentication, conditional access, least privilege and identity protection
• Develop and maintain automation scripts, workflows and security tooling using PowerShell, Python, Azure CLI, Logic Apps, Azure Functions, KQL and REST APIs
• Use AI-powered tools and agentic workflows to automate and improve security activities such as findings triage, log analysis, incident investigation support, configuration review, compliance evidence collection and vulnerability analysis
• Design or integrate AI agents and AI-assisted automations using modern AI platforms and frameworks while ensuring proper security, privacy and governance controls
• Contribute to secure adoption of AI technologies by defining guardrails for data protection, access control, prompt security, model usage, auditability and human-in-the-loop processes
• Train and support other team members on cloud security practices, security processes and AI-assisted automation approaches