Security Engineer Job Summary: Talent Software Services is in search of a Security Engineer for a contract position in Redmond, WA.
The opportunity will be a year with a strong chance for a long-term extension.
Position Summary: Security and Compliance Engineer to support and enhance the security posture and compliance readiness of cloud-based services hosted in Azure and Power Platform.
This role involves conducting detailed security and risk assessments, driving remediation activities, analyzing compliance telemetry, and leveraging automation to scale secure engineering practices.
The ideal candidate brings strong technical expertise, a passion for proactive risk management, and the ability to partner across teams to ensure consistent, compliant, and resilient solutions.
Primary Responsibilities/Accountabilities: Perform in-depth security and risk assessments for services deployed on Azure and Power Platform.
Document risks in the Risk Register, ensuring accurate linkage to corresponding remediation actions.
Collaborate with engineering teams to track progress on risk mitigation and ensure closure.
Provide technical guidance and hands-on remediation support, including dedicated office hours.
Capture and standardize remediation steps, building reusable guidance for future scenarios.
Analyze security and compliance datasets using tools like Azure Data Explorer (Kusto) to surface insights and summarize risk impact.
Leverage automation to streamline risk tracking, compliance validation, and remediation workflows.
Support and participate in security and compliance campaigns, aligning efforts with corporate and division-wide priorities.
Track and manage assigned work via Azure DevOps, providing timely updates and clear documentation.
Typical Task Breakdown and Operating Rhythm: The role will consist of 15% meetings, 75% head-down work.
Candidate Value Proposition What makes this role interesting?
This role provides the opportunity to be involved in reviews for multiple services across the division, enhancing exposure and experience.
Unique Selling Points: The role is related to cybersecurity compliance and offers high visibility and interaction with multiple stakeholders.
Qualifications: Bachelor's degree in Computer Science, Software Engineering, or a related technical discipline.
5–7 years of relevant industry experience in security engineering, compliance, or cloud risk management.
Years of Experience Required: 5 overall years of experience in the field.
Degrees or Certifications Required: CISSP certification or equivalent (e.g., SANS GIAC certifications) is required.
Also, a Bachelor's degree in Computer Science, Software Engineering, or a related technical discipline OR 5–7 years of relevant industry experience in security engineering, compliance, or cloud risk management is required.
Best vs.
Average: The ideal resume would contain experience with secure code reviews and static/dynamic analysis tools, hands-on experience securing Power Platform, including Canvas Apps and Dataverse, and familiarity with compliance automation frameworks or platforms (e.g., Azure Policy, Purview). Multi-tasking ability is essential.
The candidate should not be a support person but should have a friendly persona for stakeholders.
Proactivity and a strong work ethic are required.
Comfort in communicating with stakeholders is also necessary.
Performance Indicators: Performance will be assessed based on meeting deadlines and the quality of work.
Minimum 5 years of experience with Azure, including familiarity with its security architecture and services.
Minimum 3 years of experience in security assessments, threat modeling, and risk analysis.
Minimum 1 year of experience with risk management, with working knowledge of NIST CSF v2 or other relevant control frameworks.
CISSP certification or equivalent (e.g., SANS GIAC certifications). 5 years of hands-on experience with Azure, including familiarity with its security architecture and services.
3 years of experience in security assessments, threat modeling, and risk analysis.
1 year of experience in risk management, with working knowledge of NIST CSF v2 or other relevant control frameworks.
Strong understanding of web application security, threats, and mitigation strategies.
Demonstrated ability to provide security and compliance support across multiple teams.
Experience using Azure Data Explorer (Kusto) for compliance and security telemetry analysis.
Experience with automation tools (e.g., PowerShell, Azure Logic Apps, CI/CD integration, scripting) to enhance compliance and risk workflows.
Excellent communication, collaboration, and analytical skills.
Preferred: Experience with secure code reviews and static/dynamic analysis tools.
Hands-on experience securing Power Platform, including Canvas Apps and Dataverse.
Familiarity with compliance automation frameworks or platforms (e.g., Azure Policy, Purview). If this job is a match for your background, we would be honored to receive your application!
Providing consulting opportunities to TALENTed people since 1987, we offer a host of opportunities including contract, contract to hire and permanent placement.
Let's talk!