Information Technology Support Specialist

About the company

US based AI and Data Consulting Startup transforming how businesses leverage technology through four core service lines:

•Consulting Services: AI Strategy, Automation, and Digital Transformation for enterprises.

•SaaS Platform Development: Building a business application suite similar to Odoo and Zoho that is AI-native and user friendly.

•Data Lakehouse Solutions: Unified data pipelines for aggregation, cleaning, governance, and advanced analytics.

•Government Contracting: Developing secure, compliant AI solutions for the public sector.

Our tech stack includes Python, TypeScript, React, Next.js, Go, Rust, Azure, Kubernetes, Spark, MLflow, Postgres, graph databases, and vector stores. We're a small, fast-moving team delivering enterprise-grade solutions with startup agility.

Job Description

We're looking for a Cloud Security & Compliance Engineer to own the setup, hardening, and ongoing security of our Microsoft 365 and Azure environments. You'll ensure our cloud infrastructure meets SOC 2 and ISO 27001 standards while embedding security into our DevSecOps workflows.

This is a hands-on role requiring deep technical expertise in Microsoft cloud platforms, security architecture, and compliance frameworks.

Responsibilities

-Design and implement secure Microsoft 365 tenant configuration from the ground up

-Configure and manage Azure infrastructure with security-first principles

-Implement Identity and Access Management using Microsoft Entra ID (Azure AD)

-Deploy and manage Microsoft Defender, Sentinel, Intune, and Conditional Access policies

-Establish governance frameworks for cloud resource management -Lead SOC 2 Type II and ISO 27001 compliance initiatives

-Conduct security assessments, gap analysis, and remediation planning

-Implement security baselines, policies, and controls across M365 and Azure

-Manage audit processes and maintain compliance documentation

-Establish and maintain security monitoring and incident response procedures -Integrate security into CI/CD pipelines (Azure DevOps, GitHub Actions)

-Implement Infrastructure as Code (IaC) security scanning and validation

-Establish secrets management using Azure Key Vault

-Deploy container security and vulnerability scanning

-Automate security compliance checks and reporting

Requirements

-6-10 years in IT security, cloud engineering, or DevSecOps roles

-3+ years hands-on experience with Microsoft 365 and Azure security

-Proven track record implementing SOC 2 and/or ISO 27001 compliance

-Experience with DevSecOps practices and tooling