<p>RESTRICTED POSTING</p> <p>The Senior Cloud Security Specialist will serve as a technical authority for securing Microsoft Azure environments. In this role, you will design, operate, and continuously improve cloud threat detection, investigation, and response capabilities, with a strong focus on Microsoft Defender for Cloud, Azure-native security services, and CNAPP integrations.</p> <p>You will work closely with Cloud Engineering, Security Operations, and Governance teams to ensure a resilient, compliant, and highly observable Azure security posture across enterprise-scale environments.</p> <p>Key Responsibilities</p> <ul> <li> <p>Act as a subject matter expert for Azure cloud security, providing hands-on leadership across detection, investigation, and response activities</p> </li><li> <p>Design, configure, and optimize Microsoft Defender for Cloud security controls, recommendations, and alerting</p> </li><li> <p>Monitor and investigate security events using Azure Activity Logs, Entra ID logs, network flow data, and workload telemetry</p> </li><li> <p>Design, implement, and tune Azure Web Application Firewall (WAF) protections (Azure Application Gateway WAF and Azure Front Door WAF) to defend against OWASP Top 10 threats, bot activity, and application-layer attacks.</p> </li><li> <p>Identify and analyze attack paths and exposure chains across Azure subscriptions, management groups, and hybrid environments</p> </li><li> <p>Integrate Azure security telemetry with CNAPP, SIEM, and SOAR platforms to enable end-to-end threat visibility</p> </li><li> <p>Assist in the development of automated response playbooks for identity, compute, and network-based incidents</p> </li><li> <p>Lead cloud-native incident response, including triage, containment, eradication, and recovery</p> </li><li> <p>Produce clear investigation reports, root cause analyses, and post-incident recommendations</p> </li><li> <p>Provide architectural guidance on secure Azure design, including identity, networking, workload isolation, and data protection</p> </li><li> <p>Partner with engineering teams to embed security controls into CI/CD pipelines and infrastructure-as-code workflows</p> </li></ul> <p>Required Qualifications</p> <ul> <li> <p>Deep hands-on experience with Microsoft Azure security architecture, including Entra ID (Azure AD), RBAC, Azure Policy, VNets, Private Endpoints, and Azure Monitor</p> </li><li> <p>Expert-level knowledge of Microsoft Defender for Cloud, including CSPM, workload protection plans, secure score, and risk prioritization</p> </li><li> <p>Experience with Azure-native protection services such as Defender for Servers, Containers, Storage, SQL, and Key Vault</p> </li><li> <p>Strong investigation skills using cloud-native logs, behavioral analytics, and security telemetry</p> </li><li> <p>Familiarity with CNAPP platforms (e.g., Wiz, Prisma Cloud, Orca) Knowledge of cloud security frameworks such as MITRE ATT&CK and CSA CCM</p> </li><li> <p>Experience with regulatory and compliance requirements (e.g., ISO 27001, GDPR, SOX) in cloud environments</p> </li></ul> <p>Preferred Qualifications</p> <ul> <li> <p>Experience leading or mentoring cloud security analysts or engineers</p> </li><li> <p>Hands-on experience with ARM, Bicep, or Terraform</p> </li><li> <p>Background in hybrid or multi-cloud security operations</p> </li><li> <p>Azure security certifications (e.g., AZ-500, SC-100, SC-200)</p> </li><li> <p>7+ years experience in a cyber security, cyber investigations, cyber threat intelligence, or combination of these three roles.</p> </li><li> <p>Undergraduate degree in Technical discipline, Computer Science or related field required. Graduate degree preferred.</p> </li><li> <p>CISSP preferred</p> </li></ul> <p>Special Factors</p> <p>Sponsorship</p> <p>Vanguard is not offering visa sponsorship for this position.</p> <p>About Vanguard</p> <p>At Vanguard, we don't just have a mission-we're on a mission.</p> <p>To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.</p> <p>How We Work</p> <p>Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.</p>