Senior Cloud Security

On a daily basis, we assume commitments and present solutions to our stakeholders in order to create a structure of human values, based on professionalism, honesty and rigor.

With a management based on Human Centered Design, we take care of our professionals with consistent career plans, but flexible with their needs and expectations of evolution. Our management team guarantees an empathetic and present leadership that will provide superior technological engagement and delivery to our clients' projects and products.

Project

As a senior member of the Cloud Co
E you will own the security and compliance strategy for our Microsoft Azure and Oracle Cloud Infrastructure (OCI) estates. You will translate the Azure & OCI Well-Architected Frameworks, the Azure Security Benchmark/Baseline, CIS Foundations Benchmark v2. 0, NIST SP 800-190
- security guidance, and other industry standards into practical, automated controls designing, building and continuously improving the secure landing zones that power our business‑critical workloads.

Role

• Propose and follow up with the various teams, the necessary improvements to increase the Security Score in Defender.
• Design secure
  - subscription /
  - tenant landing zones in Azure and OCI, aligned to the five Well-Architected pillars (Security,
• Reliability, Performance Efficiency, Operational Excellence, Cost).
• Drive
  - security reference architectures (AKS, OKE, ACI, OCI Containers, Kubernetes on Iaa
  S) that satisfy NIST SP 800-190 and NSA/CISA hardening guidance.
• Map regulatory and internal requirements to the Azure Security Benchmark/Baseline, CIS Azure/OCI 2. 0 controls, PCI DSS, ISO 27001 and SOC 2.
• Build automated policy as code (Azure Policy, OCI Guardrails, Terraform Sentinel, OPA/Gatekeeper) to enforce guardrails and generate evidence for auditors.
• Develop and maintain Ia
  C modules (Bicep/Terraform/OCI Resource Manager) with integrated security controls, reusable across product teams.
• Integrate static/dynamic Ia
  C security scans (Azure Defender for cloud, Oracle Guard tfsec, Trivy, Dockle) and container image signing into the CI/CD pipeline (Git
  Hub Actions/Azure Dev
  Ops/Argo
  CD).
• Configure Azure Security Center/Defender, Microsoft Sentinel, and OCI Cloud Guard to detect, triage and respond to threats.
• Establish KPIs/KRIs and real‑time dashboards for cloud posture, vulnerability debt and compliance drift.
• Act as a trusted advisor to engineering teams, running threat‑model workshops, training on secure coding, and championing a paved‑road Dev
  Sec
  Ops culture.
• Evaluate emerging controls (Confidential Computing, SBOM, DICE‑based attestation) and present recommendations to the Architecture Review Board.

We are looking for

• Hands‑on experience in improving the Security Score in Defender, through configuring Microsoft Security tools (Microsoft Defender for Cloud CSPM/CWPP, Defender for Endpoint, Defender for Cloud Apps, Microsoft DLP, Microsoft for Identity)
• 5+ years in infrastructure or security engineering, with 5+ years focused on public cloud (Azure and/or OCI).
• Proven design and delivery of secure landing zones at scale, including micro‑segmentation, identity & access boundary, logging pipeline, data‑classification and encryption strategy.
• Deep knowledge of Azure Well‑Architected Framework, Azure Security Benchmark/Baseline, CIS Foundations Benchmark v2. 0 (Azure & OCI), NIST SP 800-190, NIST CSF/800-53, and MITRE ATT cloud tactics.
• Hands‑on mastery with Terraform/Bicep, Kubernetes security (RBAC, network policies, Pod
  Security standards), container registry hardening and image‑signing (Cosign/Notary v2).
• Experience integrating cloud workloads with SIEM/SOAR platforms (Sentinel, Splunk, QRadar), EDR and CSPM tools (Wiz, Prisma Cloud, Microsoft Defender CSPM).
• Scripting / coding proficiency (Power
  Shell, Python, Go or similar) for automation and custom control development.
• Certifications: AZ-305 / AZ-500, OCI Architect Professional, CCSP or CISSP-ISSAP (or equivalent demonstrable expertise).
• Preferably with Cloud Oracle knowledge.

What you can discover with us?

• Be part of a tech start‑up
• Different scopes of project in different sectors
• Structure of fairness and equity salary (Consultant Profile)