Job Description

As a member of the Cybersecurity Engineering and Architecture team, you will be focused on collaboratively managing risks in Microsoft Azure. You will express a "one team" approach to identifying and mitigating vulnerabilities in our public cloud environments. You will work closely with development, infrastructure and security teams to support and advocate security measures, respond to incidents, and ensure compliance with standards and best practices. You will help the teams deliver and support the foundational security technology used by Expeditors within our cloud environments. You will support your peer engineers in refactoring, deploying and supporting the team's solutions in Azure. Finally, you'll be an advocate for public cloud, a coach and mentor who leans into risk-managed solutions with your incredible technical focus and your uncanny ability to explain the complexities of security and cloud in simple terms.

Primary Responsibilities:

• Design, implement, and maintain security solutions in Microsoft Azure.
• Conduct security assessments and reviews of Azure environments, making recommendations that satisfy cybersecurity standards.
• Develop and enforce security standards, guidelines and procedures.
• Collaborate with the Cyber Defense team and support incident response for Azure-related security events.
• Collaborate with development teams to integrate security best practices into CI/CD pipelines.
• Work with Azure admin team to integrate cybersecurity standards when deficiencies are identified, working together to provide paved paths for internal customers.
• Actively follow security trends, threats, and technologies.
• Responsible for drafting support documentation, technical standards, and operational processes for an existing and evolving application delivery environment.
• Assist in establishing, optimizing, and enhancing regulatory and compliance processes.
• Continuously learns and evolves skill set to remain current with cloud native application delivery best practices and methods.
• Completes technical security deliverables on assigned projects.

This position is on-site and will reside in the greater Seattle, WA. area at one of the following locations depending on availability. Candidates must be local or willing to relocate. Relocation assistance is not offered for this position.

• Downtown Seattle
• Federal Way
• Lynnwood
• Bellevue (Factoria)

Qualifications

MINIMUM QUALIFICATIONS

• At least 10 years combined experience as individual contributor in an IT discipline with a minimum of 5 years in Cybersecurity specifically and 5 years minimum working in public cloud.
• Awareness of a broad set of Azure IaaS, PaaS and SaaS offerings, so that you can engage DevOps teams implementing a variety of services.
• Strong knowledge of networking, firewalls, VPNs, Azure RBAC, SSO with SAML and/or OIDC, managing Azure service principals, understanding Graph API permissions, and other security technologies.
• Using third party tools to monitor vulnerabilities in deployed Azure resources.
• Designing, deploying, operating and supporting Azure environments using Azure Portal, Azure CLI and Terraform.
• Managing Git repositories using Gitlab or GitHub and using pipelines to run tests and deploy changes to environments.
• Operating knowledge of Azure networking, Azure firewalls, network security groups, virtual WAN and common troubleshooting techniques.
• Possess troubleshooting skills in the areas of cloud security, cloud networking and Azure private DNS.
• Familiarity with the Cloud Adoption Framework and ability to express critical thinking around its application in mature technology organizations.
• Demonstrable experience with any form of threat modeling.
• Working experience of regularly writing scripts or other automation using a common language such as shell or Python
• Inquisitive and questioning nature with the goal of collaborating to find solutions.
• Easily adapt to changing requirements and priorities.
• Proficient documentation skills.
• Strong communication and teamwork abilities.
• Pairing your hunger to learn the newest cloud native tools with the capabilities and stack of the overall organization.

DESIRED QUALIFICATIONS

• Bachelor's degree in Information Security, Information Technology, Information Systems Management, Computer Science, Engineering, or related field.
• Professional experience in a technical engineering position involving infrastructure design technologies, data management and interchange, system design and / or development for complex applications.
• Ability to translate complex business and functional requirements into structured high quality implementations using any variety of common approaches.
• Experience operating in GCP or AWS.
• Experience deploying or maintaining Azure-based Palo Alto next generation firewalls.
• Relevant certifications such as Azure Security Engineer Associate, CISSP, CISM, or similar are highly desirable.

Applicants are required to be eligible to lawfully work in the U.S. immediately; employer will not transfer or sponsor applicants for U.S. work authorization (such as an H-1B visa) for this opportunity.

Additional Information

Expected base salary: $130,000 to $175,000

Expeditors offers competitive benefits to all full-time employees including:

• Paid vacation
• Holidays (10)
• Flexible Days (2)
• Paid Sick Time (accrual rate of 1 hour of sick time per 30 hours paid)
• 401(k) Retirement Savings Plan with employer match
• Employee Stock Purchase Plan (ESPP)
• Medical, Prescription Drug, Dental & Vision Coverage
• Health Savings Account (HSA)
• Life and Disability Insurance
• Paid Parental Leave (additional eligibility criteria)
• Dependent Care Flexible Spending Account (DC FSA)
• Commuter Benefit
• Employee Assistance Program (EAP)
• Training and Personnel Development Program
• Educational Assistance and Reimbursement
• Position is full time (40 hours per week) Monday through Friday

All your information will be kept confidential according to EEO guidelines.