Azure Governance And Compliance Officer

Description:

Treasury Cube is seeking an experienced Azure Governance and Compliance Officer to oversee and enforce governance frameworks, compliance standards, and risk management within the Azure cloud environment. The ideal candidate will work closely with IT, Security, DevOps, and business teams to ensure the organization's Azure infrastructure meets regulatory and internal policy requirements. This is a remote, contract-based role.

Key Responsibilities:

Governance & Policy Management:

• Define and enforce governance frameworks, including tagging strategies, RBAC models, and naming conventions within Azure.

• Develop and maintain Azure policies and guardrails using Azure Policy, Blueprints, and Management Groups.

• Collaborate with architecture teams to align governance practices with the enterprise cloud strategy.

Compliance Monitoring & Reporting:

• Monitor the compliance posture using Azure Security Center, Microsoft Defender for Cloud, and Compliance Manager.

• Lead compliance assessments for various standards such as ISO 27001, SOC 2, GDPR, and other industry-specific regulations.

• Ensure audit readiness and support internal and external audits.

Risk & Security Management:

• Identify and mitigate risks related to cloud deployments, access controls, data residency, and configuration drift.

• Collaborate with security teams to align Azure governance with information security frameworks like NIST and CIS.

• Manage role-based access control (RBAC), Just-In-Time (JIT) access, and Privileged Identity Management (PIM).

Training & Awareness:

• Drive awareness and training on Azure compliance requirements and governance best practices.

• Maintain documentation on controls, standards, and procedures.

Qualifications:

Mandatory Requirements:

• Education: Bachelor's degree in Computer Science, Information Security, or a related field (Master’s preferred).

• Experience: 5+ years of experience in cloud governance, IT compliance, or cloud security, with at least 2 years in Microsoft Azure.

• Skills: Deep understanding of Azure services, including Azure Policy, Blueprints, Security Center, RBAC, and Management Groups.

• Familiarity with compliance standards such as ISO 27001, SOC 2, PCI DSS, HIPAA, and GDPR.

• Strong analytical, communication, and stakeholder management skills.

Relevant Certifications:

• Microsoft Certified: Azure Security Engineer Associate

• Microsoft Certified: Azure Administrator Associate

• Certified Information Systems Auditor (CISA) or Certified Cloud Security Professional (CCSP).

Preferred Skills:

• Experience with Infrastructure as Code (e.g., ARM, Bicep, Terraform) in a governance context.

• Familiarity with Azure Lighthouse, Azure Monitor, and cost management practices.

• Experience in regulated industries like financial services or healthcare is a plus.