Primary Skills
security, monitoring, assessing, Azure Functions, analyze, scalable, AKS, coordinate, Operate, Client: Mercedes Benz Financial Services (MBFS)Location: Onsite – Alliance / Forth Worth, TX (3-4 days onsite (Fridays remote))Contract: 12 months + (Potential for extension or fulltime conversion)Position Overview: This person will be a security architect that will help provide security assessments and threat models for MBFS Application, MBFS is seeking a Cyber Security Architect to deploy, operationalize, and mature application level security capabilities in alignment with the global Architecture & Engineering (AE) strategyThis role serves as a senior technical authority responsible for identifying, and remediating application security risks while partnering closely with development teams, cloud engineers, and business stakeholders to ensure secure, and compliant solutionsKey ResponsibilitiesApplication & Cloud Security EngineeringDeploy, and mature application security tools, capabilities, and standardized requirements across the regionIdentify, and document application level vulnerabilities using structured and repeatable approachesProvide hands on support for secure application design, remediation efforts, and secure SDLC practicesSupport the deployment, and monitoring of applications hosted in Microsoft AzureSecure Azure workloads including App Services, and Virtual MachinesArchitect and review secure network configurations, including NSGs, private endpoints, and firewallsImplement secrets management using Azure Key VaultLeverage Defender for Cloud, Azure Policy, Log Analytics, and Microsoft Sentinel for governance, and continuous improvementThreat Modeling, Risk Management & Secure DesignPerform secure profiling and threat modeling using STRIDE, C4 modeling, and MITRE methodologiesDevelop data flow diagrams and comprehensive threat models for critical applicationsTranslate identified threats into actionable, prioritized security recommendationsTrack, and report on remediation activities and overall application risk postureCommunicate risks, mitigation strategies, and compliance readiness to both technical and non technical stakeholdersIdentity, Access & Security EnablementDesign and guide secure authentication and authorization architectures using:OAuth 20OpenID Connect (OIDC)SAML 20Implement and support integrations with Microsoft Entra ID (Azure AD)Advise teams on JWT validation, managed identities, service to service authentication