Job Information
Cosha Staffing & Consulting Sr. Cloud Security Engineer - Direct Hire West Bloomfield Township, Michigan
This position is a direct hire opportunity in Metro Detroit.
This role involves guiding and mentoring team members in resolving cloud-related issues, responding to security incidents, and developing and implementing cloud security best practices across the organization. Additionally, the Senior Cloud Security Engineer will assist in the monitoring, analysis, and investigation of security events within the Trust's environment and play a key role in supporting the incident response process.

Roles and responsibilities
- Security Controls Management: Implement, manage, and monitor robust security controls for Azure cloud, SaaS environments, and legacy on-premise environments, helping to ensure protection across all platforms.
- Threat Modeling & Security Assessments: Conduct comprehensive threat modeling and security assessments for cloud infrastructure. Prioritize security risks and address vulnerabilities that impact the Trust's capacity to safeguard, detect, investigate, and recover from security incidents.
- Security Reviews: Perform security reviews on high-risk Azure features, including design, source code, or final product evaluations. Leverage or develop new tools (e.g., static/dynamic analysis) to increase work efficiency and quality. Lead efforts to address security flaws and proactively implement security hardening measures to mitigate future vulnerabilities.
- Manage Defender for Cloud settings and configurations. Work with the infrastructure team on remediation of security and compliance-related gaps.
- Collaboration: Work closely with IT and other cross-functional teams to secure cloud infrastructure and SaaS applications, incorporating IT and compliance risk considerations in security implementations.
- Container Security: Ensure the security of containerized applications through the application of Kubernetes and microservices security best practices. Architect secure container environments, including Kubernetes clusters and Docker setups, with an emphasis on vulnerability reduction and compliance.
- Integration of Security in SDLC: Collaborate with cross-functional teams to integrate security best practices into the software development lifecycle (SDLC) and continuous integration/continuous deployment (CI/CD) pipelines.
- SOC Tools & Technologies: Maintain operational readiness and optimize configurations of SOC-related tools and technologies such as SIEM and Vulnerability Management systems. Partner with the Managed Security Service Provider (MSSP) to investigate security events and incidents.
- Incident Response: Manage incident response workflows and assist with security incident investigations, ensuring rapid and effective responses.
- Automation & Optimization: Implement and maintain event correlation rules, dashboards, and scripts to automate tasks and enhance security monitoring processes.
- Policy & Standards Development: Contribute to the creation and refinement of security policies, standards, and incident response playbooks to enhance the organization's security posture.
- Security Project Leadership: Lead or significantly contribute to high-profile security projects, ensuring alignment with the Information Security Strategy while adhering to financial constraints.

Required Experience
- 5+ years of experience in Information Security. At least 3 years of Azure security experience.
- In-depth knowledge of a wide variety of Microsoft Azure products and services.
- Deep experience in cloud security including IaaS, PaaS, and SaaS.
- Experience with cybersecurity frameworks such as CSM, NIST CSF, ISO 27001, or CIS Controls. A general understanding of COBIT is preferred.
- Experience in programming (Python, .NET or C# or equivalent).
- Experience with writ