Senior Cloud Security Engineer (Azure)
- Chicago, IL
- Permanent
- Full-time
Location : Chicago, IL
Target Start Date : 8/4/2025
Type: (C, CTH, D) Direct Hire
Pay Rate / Salary (Ranges OK) : Max $180,000 plus 10-15% bonus and benefitsSelling Point on Client -
Our client is an industry-leading manufacturer of building products and innovative solutions highlighted by Sheetrock®, Durock®, and Securock® Brands.
Headquartered in Chicago, USG serves construction markets around the world through its Gypsum, Performance Materials and Ceilings divisions. Its wall, ceiling, flooring, sheathing, and roofing products provide solutions that enable customers to build outstanding spaces where people live, work, and play.Our client is evolving its digital customer experience and translating the objective of being easiest to do business with into a sustainable technology roadmap. The digital transformation includes upgrading our technology stack and augmenting our teams, developing new digital platforms, and integrating a best-in-class eCommerce operating model to deliver exceptional customer experience from design planning to order delivery. The digital services are based on to be improved data and process models and will be provided for all our customers in the US, Canada, and LATAM.Job Description :
The Information Security Specialist will be a key role in the IT information security team, fully supporting the organization's digital transformation effort and is responsible for supporting the business transformation roadmap while ensuring the organization's IT security standards for safeguarding the environment, data, ensuring compliance with regulations, and protecting against security threats. They must ensure security controls are maintained and respond to cybersecurity risks or incidents.
Our client offers a hybrid workplace. The office location is Chicago, IL. Minimal travel may be required.Key Accountabilities and Responsibilities:
- Assessing application security: Responsible for reviewing proposed new systems, networks, and software designs for potential security risks, recommending mitigation or countermeasures, and resolving integration issues related to the implementation of new systems within the existing infrastructure
- Support security strategy: Develop and manage an enterprise-wide security strategy, and communicate performance to key stakeholders
- Ensuring compliance and security: Ensure data systems comply with relevant regulations and security standards. Develop measures to protect data privacy and ensure the security of data pipelines and analytics infrastructure
- Risk assessment: Lead cybersecurity risk assessments and mitigation efforts, and oversee incident management and response planning
- Collaboration and communication: Collaborate with cross-functional teams, especially within customer experience teams of the organization, including IT, data science, and business units of customer experience teams, to mitigate risk. Guide engineering teams in making informed security decisions on infrastructure, systems, and applications design
EducationBachelor's degree in computer science, Information Technology, Cyber Security, or a related field
Relevant certifications such as Azure Security Engineer Associate (AZ-500) or Certified Information Systems Security Professional (CISSP) or Certified Cloud Security Professional (CCSP)Required Skills :
- 7+ years' experience in information and cloud security, focusing on designing and implementing secure cloud computing solutions
- Strong expertise in Azure cloud security, including experience with Azure Security Center and Microsoft Defender for Cloud
- Understanding CASB, CSPM and CWPP tools; knowledge of cloud security frameworks, standards and best practices; and working with cloud IAM and IaaS, PaaS and SaaS native security capabilities. Understand how business architecture affects cloud security, and manage relationships with business teams using cloud so that you can plan for upcoming requirements
- Deep understanding of API security principles, technologies, and best practices. (e.g. OAuth, OpenID, REST, SOAP, GraphQL) Define and execute the product vision and strategy for API security, aligning with our business goals and customer needs. Document and evangelize secure API design patterns
- Lead cloud security assessments, provide gap analysis, and implement remediation plans
- Must be proficient in one or more scripting languages such as Python, PowerShell, Bash, etc.
- Solid understanding of IAM, key management, network segmentation, data protection, and zero trust architecture
- Proficiency in security tools and products, including firewalls, IDS/IPS, SIEM, and vulnerability scanning
- Ability to translate technical security risks into clear, concise, nontechnical terms
- Excellent problem-solving skills to address security challenges
- Strong collaboration skills with the ability to work effectively with cross-functional teams, including IT, data science, and business units of customer experience teams
- In-depth knowledge of IT security frameworks and regulations such as ISO 27001, NIST, and GDPR
- Excellent technical documentation and reporting skills
- Strong ethical standards and integrity
- Experience with security standards for cloud applications including in the implementation of digital solutions
- Ability to work with Application Developers, DevOps, and product teams to embed security into CI/CD pipelines and DevSecOps workflows
- Proficiency in Terraform and Infrastructure as Code (IaC) methodologies
- Experience with network security design and implementation, penetration testing, and vulnerability assessment tools