Job Description, Responsibilities & Requirements
About the Position
IMTC is looking for a Senior Azure Cloud Security Engineer to strengthen and scale our cloud network security capabilities across a distributed engineering organization operating in the US, Europe, and Latin America. This is an opportunity to take meaningful ownership within a mature, Azure-native security practice at a company redefining fixed income technology.
You will work closely with engineering leadership and the CTO to advance our Azure network architecture, deepen our zero-trust posture, and ensure our security program continues to meet the rigorous expectations of enterprise clients and regulatory auditors alike. You will be a key voice in client-facing security reviews and enterprise onboarding engagements.
Responsibilities
- Own and continuously improve IMTC’s Azure network architecture, including VNet topology (hub-spoke or VWAN), NSGs, Azure Firewall Premium, and Private Link / Private Endpoints
- Drive the maturation of our zero-trust security model across the Azure environment, including Entra ID Conditional Access, PIM, and workload identity management
- Operate and enhance Microsoft Defender for Cloud and Microsoft Sentinel - tuning detection, managing incidents, and improving coverage
- Maintain and strengthen network security controls aligned with SOC 2 Type II (CC6/CC7) requirements
- Produce and maintain security documentation, including network diagrams, data flow maps, and evidence packs for auditors and enterprise client due diligence questionnaires (DDQs)
- Evaluate and govern ExpressRoute / VPN Gateway configurations for the client- dedicated connectivity
- Design and manage integrations with external identity and authentication providers (e.g., Okta, Ping Identity, Auth0), including SAML, OIDC, and OAuth 2.0 federation with Entra ID
- Partner with full-stack engineering teams to embed security practices into CI/CD pipelines and DevOps workflows
- Serve as a technical authority on cloud security architecture in client security reviews and enterprise onboarding engagements
- Proactively assess and advance our cloud security posture as the client scales and infrastructure complexity grows
Requirements
- 5+ years of experience in cloud infrastructure or security engineering, with at least 3 years focused on Microsoft Azure
- Deep hands-on expertise with Azure Firewall Premium, NSGs, Private Link, VNet peering, and hub-spoke / VWAN topology
- Strong working knowledge of Entra ID (Azure AD), Conditional Access, and Privileged Identity Management (PIM), and managed identities
- Proven experience integrating external identity providers (e.g., Okta, Ping Identity, Auth0) with Azure AD / Entra ID using SAML, OIDC, or OAuth 2.0
- Experience operating Microsoft Defender for Cloud and Microsoft Sentinel (SIEM/SOAR)
- Solid grounding in zero-trust architecture principles and practical implementation in an Azure-native environment
- Hands-on experience with SOC 2 - producing evidence, working with auditors, and owning control domains
- Experience supporting enterprise client security reviews or completing vendor DDQs
- Comfortable working in a fast-paced, distributed engineering team using agile methodologies and DevOps practices
- English – Advanced (C1)+
Nice to Have
- Experience with IaC tools (Terraform, Bicep, or ARM templates) is a strong advantage
- Background in financial services, FinTech, or regulated industries is a strong advantage
- Relevant certifications (AZ-500, SC-100, SC-200, CISSP, CCSP) are a plus but not required
We Offer
- 20 vacation days (workdays)
- 7 sick days
- Personalized career growth
- Internal English classes
- Education reimbursement
- Corporate events and team buildings
- Equipment provided
About the Company
IMTC is a company that provides great opportunities for development and career. The company is known for its friendly atmosphere, team spirit, and interesting projects. Employees appreciate the support, appreciation, and motivation they receive at work.
Apply now to join our team and contribute to our mission of redefining fixed income technology.