Vanguard

Senior Cloud Security Specialist – Microsoft Azure

Malvern, PA April 10, 2026 Full Time Workday

The Senior Cloud Security Specialist will serve as a technical authority for securing Microsoft Azure environments. In this role, you will design, operate, and continuously improve cloud threat detection, investigation, and response capabilities, with a strong focus on Microsoft Defender for Cloud, Azure-native security services, and CNAPP integrations.


You will work closely with Cloud Engineering, Security Operations, and Governance teams to ensure a resilient, compliant, and highly observable Azure security posture across enterprise-scale environments.

Key Responsibilities

  • Act as a subject matter expert for Azure cloud security, providing hands-on leadership across detection, investigation, and response activities

  • Design, configure, and optimize Microsoft Defender for Cloud security controls, recommendations, and alerting

  • Monitor and investigate security events using Azure Activity Logs, Entra ID logs, network flow data, and workload telemetry

  • Design, implement, and tune Azure Web Application Firewall (WAF) protections (Azure Application Gateway WAF and Azure Front Door WAF) to defend against OWASP Top 10 threats, bot activity, and application-layer attacks.

  • Identify and analyze attack paths and exposure chains across Azure subscriptions, management groups, and hybrid environments

  • Integrate Azure security telemetry with CNAPP, SIEM, and SOAR platforms to enable end-to-end threat visibility

  • Assist in the development of automated response playbooks for identity, compute, and network-based incidents

  • Lead cloud-native incident response, including triage, containment, eradication, and recovery

  • Produce clear investigation reports, root cause analyses, and post-incident recommendations

  • Provide architectural guidance on secure Azure design, including identity, networking, workload isolation, and data protection

  • Partner with engineering teams to embed security controls into CI/CD pipelines and infrastructure-as-code workflows

Required Qualifications

  • Deep hands-on experience with Microsoft Azure security architecture, including Entra ID (Azure AD), RBAC, Azure Policy, VNets, Private Endpoints, and Azure Monitor

  • Expert-level knowledge of Microsoft Defender for Cloud, including CSPM, workload protection plans, secure score, and risk prioritization

  • Experience with Azure-native protection services such as Defender for Servers, Containers, Storage, SQL, and Key Vault

  • Strong investigation skills using cloud-native logs, behavioral analytics, and security telemetry

  • Familiarity with CNAPP platforms (e.g., Wiz, Prisma Cloud, Orca) Knowledge of cloud security frameworks such as MITRE ATT&CK and CSA CCM

  • Experience with regulatory and compliance requirements (e.g., ISO 27001, GDPR, SOX) in cloud environments

Preferred Qualifications

  • Experience leading or mentoring cloud security analysts or engineers

  • Hands-on experience with ARM, Bicep, or Terraform

  • Background in hybrid or multi-cloud security operations

  • Azure security certifications (e.g., AZ-500, SC-100, SC-200)

  • 7+ years experience in a cyber security, cyber investigations, cyber threat intelligence, or combination of these three roles.

  • Undergraduate degree in Technical discipline, Computer Science or related field required. Graduate degree preferred.

  • CISSP preferred

Special Factors

Sponsorship

Vanguard is not offering visa sponsorship for this position.

About Vanguard

At Vanguard, we don't just have a mission—we're on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.

Apply on company site

How to Get Hired at Vanguard

  • The Vanguard Group is the world's second-largest asset manager with ~$10T AUM and ~21,000 employees, headquartered on a 100-acre wooded campus at 100 Vanguard Boulevard in Malvern PA, with major U.S. offices in Charlotte NC, Phoenix AZ, and Scottsdale AZ, plus international offices in London, Melbourne, Mexico City, and Shanghai.
  • Vanguard is mutually owned by its own funds (and through them by the funds' investors) — there is no IPO, no parent company, no founding family equity stake, and no external shareholder. This structure is the source of the firm's roughly 0.07 percent average expense ratio and is referenced in nearly every internal cultural conversation. Engaging with this structure understandingly is the single biggest cultural-fit signal you can send.
Read the full guide

How well do you match this role?

Check My Resume