Cloud Security Engineer (m/f/d)
Region: Cologne or Künzelsau (remote working partly possible)
Department: IT Security
The BERNER Group is a European trading company for professionals in the mobility, construction and industry sectors. We are the leading B2B specialist and innovative manufacturer of chemical products. Our purpose is: "We are pushing the limits of the possible for the shapers of a better tomorrow". This means that our strong brands BERNER, BTI by BERNER and CCS help our customers to keep their business successful and running.
* Continue to establish a secure Microsoft Azure environment and support the migration from on-premises infrastructure to the cloud
* Provide advisory on architectural decisions and cloud deployments to align with security best practices
* Maintain and continuously develop cloud security controls and policies within Microsoft Azure
* Collaborate with IT and infrastructure teams to ensure security in daily cloud operations
* Manage and optimize Azure security services, including Defender for Cloud, Sentinel and Identity Protection
* Support IT and infrastructure in implementing and enhancing a zero-trust security model for cloud environments
* Ensure best practices around Identity and Access Management (IAM) in Azure, including Conditional Access, Privileged Identity Management (PIM) and role-based access control (RBAC)
* Completed degree in IT Security, Computer Science, Computer Engineering or similar field
* Strong knowledge of cloud security principles, ideally with a focus on Microsoft Azure (or similar platforms, e.g. AWS or GCP), including topics such as Identity & Access Management (IAM), Network Security Groups (NSG), Azure Policy, Defender for Cloud and secure cloud architecture
* Experience implementing and managing security monitoring, logging and threat detection in cloud environments, using tools like Microsoft Sentinel, Defender for Cloud and Azure Monitor
* Strong programming and automation skills, enabling the development of scripts and Infrastructure as Code (IaC) solutions, using PowerShell, Python, ARM templates, Terraform or similar tools
* Experience developing CI/CD pipelines (e.g. GitHub, Bitbucket)
* Curious with an analytical and risk-focused mindset
* Fluency in English (written and spoken)
* Additionally desired qualifications:
o German language skills helpful but not required
o Broad experience across various domains of security
o Knowledge of SAST and DAST tools
* Permanent contract
* Mobile work partly possible
* Structured onboarding
* State-of-the-art workplace
* Künzelsau: canteen with daily, freshly prepared dishes
* Cologne: Pluxee food vouchers
* Allowance for transportation costs
* Bike leasing (JobRad)
* EGYM Wellpass with more than 5,000 sport and fitness offers
* Company pension scheme and employee purchase with attractive conditions
* Many training and development opportunities within our future-oriented company
JBRP1_DE