Lead, Cloud Security (Azure)

1. Develop identity and access control policies across Entra, Azure IAM, and B2C to secure infrastructure and sensitive data. 
2. Design and implement proactive protection using Azure Policy; hands-on experience required.
3. Analyze security recommendations from Defender products, external ASM, VAPT reports and provide remediation plans.
4. Review the Azure infrastructure to identify security risks.
5. Translate security risks into business risks and communicate to relevant departments.
6. Automate tasks using PowerShell, Python, and other tools.
7. Work with operations and engineering teams to implement security measures.
8. Secure and manage Microsoft 365 services with Microsoft Defender.
9. Collaborate with SOC Teams to convert anomalies into actionable alerts.
10. Implement data protection measures in Azure and Microsoft services.
11. Conduct external threat hunting and correlate findings with internal cloud environments.
12. Experience with Azure and Containers operations is a plus.

1. Formal education in Cyber Security, demonstrated through certifications.   
2. Proficiency in information security domains including vulnerability assessments, penetration testing for web and mobile apps, security principles, incident response, BCP & DR, access control, network security, and security operations.
3. Advanced experience in securing Azure environments with Azure Policies and Defender products.
4. Hands-on experience with Azure Networking services like VNET, DNS, NSG, Front Door, and Private Links.
5. Skilled in writing KQL and Graph queries with strong analytical abilities to interpret security data and develop insights.
6. Understanding of OWASP Top 10 and Zero Trust principles.
7. Experience in securing Microsoft 365 services, including Entra, using the Defender portal.
8. Familiarity with Microsoft Purview, AI-Hub, Label, SIT, and DLP policies.
9. Basic knowledge of Microsoft Sentinel/XDR, threat intelligence, and threat hunting.
10. Experience with Azure Automation, PowerShell, and Python scripting is an added advantage

Experience:

6 to 10  years of experience in information security with hands-on experience with Microsoft Defender and Defender for Cloud

Certifications:

1. Preferred to have Microsoft and Azure certifications like AZ-500, SC-200, SC-300, SC-400, SC-100, 
2. ISC2 CC (Certified in Cybersecurity) is recommended

Icertis is the global leader in AI-powered contract intelligence. The Icertis platform revolutionizes contract management, equipping customers with powerful insights and automation to grow revenue, control costs, mitigate risk, and ensure compliance - the pillars of business success. Today, more than one third of the Fortune 100 trust Icertis to realize the full intent of millions of commercial agreements in 90+ countries.