About Stavtar

Stavtar(https://stavtar.com/) is a software and technology services company, headquartered in New York and with offices in Dallas, London, Bengaluru and Mumbai. Stavtar addresses complex challenges in Hedge Funds, Private Equity, and Investment Banking industries. Our flagship product, StavPay, is widely adopted by Alternative Asset Managers managing over $2 trillion in assets

About the Role

We are seeking an experienced Azure Security Engineer to join our cloud security team.
The role involves designing, implementing, and managing security controls, governance policies, and compliance frameworks across Azure cloud environments.
You will work closely with cloud architects, DevOps, and compliance teams to ensure that our Azure workloads remain secure, resilient, and compliant with industry standards.

Key Responsibilities

• Design, implement, and manage Azure security architecture across IaaS, PaaS, and SaaS services.
• Configure and manage Azure Security Center (Defender for Cloud), Microsoft Defender for Cloud Apps, and Azure Sentinel (SIEM).
• Implement and enforce identity and access management using Azure AD / Entra ID, Conditional Access, Privileged Identity Management (PIM), and MFA.
• Deploy and monitor network security controls, including NSGs, ASGs, Firewalls, WAF, DDoS Protection, and Private Endpoints.
• Manage and secure Key Vault, Storage Accounts, Databases, and Secrets.
• Automate security operations using Azure Policy, Blueprints, and Security Baselines.
• Conduct vulnerability assessments and coordinate remediation efforts.
• Support incident response activities and integrate with Azure Sentinel playbooks for automated response.
• Work with compliance teams to align with ISO 27001, SOC 2, NIST, GDPR, HIPAA, and other regulatory requirements.
• Provide security guidance in CI/CD pipelines (DevSecOps practices).
• Develop and maintain security documentation, runbooks, and best practices.

Required Skills & Qualifications

• 3–5+ years of experience in cloud security (with at least 2+ years in Azure Security).
• Strong knowledge of Microsoft Azure security services:
• Azure AD / Entra ID
• Microsoft Defender for Cloud (Security Center)
• Azure Sentinel (SIEM/SOAR)
• Azure Firewall, WAF, and DDoS Protection
• Key Vault, Storage Security, Disk Encryption
• Solid understanding of network security concepts: NSGs, ASGs, VNETs, Zero Trust, and segmentation.
• Hands-on experience with Azure Policy, Blueprints, and RBAC.
• Experience with PowerShell, CLI, or Terraform for automation.
• Familiarity with compliance standards: NIST, CIS Benchmarks, ISO 27001, SOC, HIPAA, SOC 2
• Strong troubleshooting, analytical, and problem-solving skills.
• Excellent communication and documentation skills.

Preferred / Nice-to-Have Certifications

• Microsoft Certified: Azure Security Engineer Associate (SC-200 / SC-300 / AZ-500)
• Microsoft Certified: Cybersecurity Architect Expert (SC-100)
• CISSP, CISM, or other relevant security certifications.

Soft Skills

• Strong collaboration skills – able to work with developers, IT, and compliance teams.
• Ability to analyze risks and provide practical mitigation strategies.
• Proactive, detail-oriented, and capable of working independently in a fast-paced environment.

Mode: Work from Office

Work Location: Bengaluru

Working Hours: 1:00 PM to 10:00 PM IST or 2:00 PM to 11:00 PM IST (as per the US daylight saving schedule)