<p>Job Summary</p> <p>Seeking FedRAMP Cloud Security Engineers to architect and secure Azure environments, enforce NIST 800-53 controls, build compliant networks, manage IAM, automate patching, monitor compliance, respond to incidents, and support audit readiness. Expertise in Terraform/Bicep, Azure Policy, Sentinel, and Key Vault required.</p> <p>In this role, you will:</p> <ul> <li>Design and secure Azure cloud environments for banking and government-grade security, using Virtual Networks (VNets), Hub-and-Spoke architectures, and Azure Firewall/Web Application Firewall (WAF). </li><li>Ensure the Azure environment meets FedRAMP compliance by implementing and maintaining NIST 800-53 security controls. </li><li>Build and maintain secure, scalable, and compliant network infrastructure following Azure and security best practices. </li><li>Manage Identity and Access Management (IAM), including: </li></ul> <p>o Azure Active Directory (Entra ID)</p> <p>o Conditional Access policies</p> <p>o Multi-Factor Authentication (MFA)</p> <p>o Alignment with FedRAMP PIV/CAC requirements</p> <ul> <li>Automate patching and remediation for virtual machines and containers, meeting strict FedRAMP timelines (30/60/90 days). </li><li>Continuously monitor security and compliance posture using Microsoft Defender for Cloud and Azure Purview, and prevent unauthorized changes. </li><li>Manage secrets, certificates, and encryption keys using Azure Key Vault, including HSM integration for FedRAMP High environments. </li><li>Detect and respond to security incidents by configuring and managing Azure Sentinel (SIEM) alerts and dashboards. </li><li>Support audits and assessments by: </li><li>Managing the Plan of Action and Milestones (POA&M) </li><li>Working directly with auditors </li><li>Providing automated compliance evidence </li><li>Promote secure development practices across Test, Dev, and Prod pipelines, ensuring security controls are applied consistently and preventing configuration drift. </li><li>Use infrastructure-as-code and automation tools such as Terraform, Bicep, Azure Policy, Azure Sentinel, and Azure Key Vault to enforce and manage security controls. </li></ul> <p>Work Model: Hybrid</p> <p>We believe hybrid work is the way forward as we strive to provide flexibility wherever possible. Based on this role's business requirements, this is a hybrid position requiring 3-4 days a week in a client or Cognizant office in New York City or Jersey City, NJ. Regardless of your working arrangement, we are here to support a healthy work-life balance though our various wellbeing programs.</p> <p>The working arrangements for this role are accurate as of the date of posting. This may change based on the project you're engaged in, as well as business and client requirements. Rest assured; we will always be clear about role expectations.</p> <p>What you need to have to be considered</p> <ul> <li>10+ years of experience with Microsoft Defender for Cloud and Azure Purview, including providing enterprise-wide visibility into FedRAMP security posture and compliance status. </li><li>10+ years of experience in vulnerability management and patch orchestration, specifically supporting FedRAMP remediation efforts in regulated cloud environments. </li><li>10+ years of experience with Secrets and Key Management, including end-to-end lifecycle management of cryptographic keys and service secrets using Azure Key Vault. </li><li>10+ years of experience operating and managing Azure Sentinel (SIEM), including security monitoring, alerting, and incident response within a FedRAMP-authorized boundary. </li></ul> <p>We're excited to meet people who share our mission and can make an impact in a variety of ways. Don't hesitate to apply, even if you only meet the minimum requirements listed. Think about your transferable experiences and unique skills that make you stand out as someone who can bring new and exciting things to this role.</p> <p>Salary and Other Compensation:</p> <p>Applications will be accepted until 4/24/2026.</p> <p>The annual salary for this position is between $130,000 - $160,000 USD depending on experience and other qualifications of the successful candidate.</p> <p>This position is also eligible for Cognizant's discretionary annual incentive program, based on performance and subject to the terms of Cognizant's applicable plans.</p> <p>Benefits: Cognizant offers the following benefits for this position, subject to applicable eligibility requirements:</p> <ul> <li>Medical/Dental/Vision/Life Insurance </li><li>Paid holidays plus Paid Time Off </li><li>401(k) plan and contributions </li><li>Long-term/Short-term Disability </li><li>Paid Parental Leave </li><li>Employee Stock Purchase Plan </li></ul> <p>Disclaimer: The salary, other compensation, and benefits information is accurate as of the date of this posting. Cognizant reserves the right to modify this information at any time, subject to applicable law.</p>