Azure Security Governance

For our international team, we are looking for an Azure Governance/Compliance Specialist with a strong security background. In this role, you will support security assessment activities and provide security assurance and governance for Deutsche Telekom projects related to Azure landing zones. You will work closely with international project teams, architects, and stakeholders to ensure solutions meet Deutsche Telekom security requirements. This is not a delivery or operational role. It is a security assurance and governance position.

We are looking for someone with strong knowledge of the Azure landing zone principles and core security controls (e.g. Management Groups & Subscriptions, Azure policy, IAM, VPC design, KMS), along with a general understanding of security governance and policies aligned with best practices. To support product development by ensuring compliance with security requirements, experience with project assessment and governance is needed. Definition and review of security best practices on Azure will be performed regularly. We are looking for someone who will not hesitate to engage in researching how to connect new technology for our benefit. Getting things done and solving problems with the team are essential to the team culture.

Tasks: 

• Perform security reviews of projects as part of the internal security assessment process.
• Provide advisory support to project teams from a security and compliance perspective.
• Assess Azure architectures and designs against internal security requirements.
• Define, review, and help enforce internal security requirements for Azure-based solutions.
• Identify, assess, and document security risks, support risk acceptance and exception processes.
• Govern security testing activities, evaluate results, track findings, and follow up on remediation.
• Contribute to the development of security standards and best practices within the Deutsche Telekom environment.