Title : Cloud Solution Architect
Location : Remote
LOA : Part time / 160 Hours
Job Description :
Services Description : To provide a remediation engagement to remediate Buyer’s Azure environment and security workflow within the guidance of Buyer’s CSS.
Objectives :
- Provide structured support via a scoped “remediation and support hours” block to help execute or guide the implementation of critical fixes identified during the assessment.
Scope :
Team will remediate the Buyer’s Azure environment and security workflow. Areas of effort include :Remediation services and supportWork with the team to solve critical issuesSupport changes and service functionalityApproach :
Remediation SupportHands-on remediation guidance (e.g., policy adjustments, firewall reconfiguration, CNAPP tuning)Solution validation / testing support (e.g., Defender for IoT deployment, traffic flow tests)Co-implementation of playbook items from the roadmapTeam coaching and knowledge transfer sessions beyond initial workshopOn-demand advisory hours for architectural or compliance-related questionsTitle : Sr. Security Cloud Architect
Location : Remote
LOA : 8 weeks, 40 hours / week
Services Description : To provide a focused 8-week engagement to evaluate Buyer’s Azure subscription(s), with an emphasis on security posture and network architecture around and to deliver a prioritized, actionable remediation roadmap and future-state connectivity design.
Objectives :
Review the Buyer’s Azure subscriptions, resource groups, and key services against Microsoft’s Azure Security Benchmark and best FinOps practicesProvide prioritized, risk-based remediation recommendations aligned to industry best practicesAnalyze the security, infrastructure, and connectivity of Azure services supporting OT workloadsDeliver a risk-based, actionable set of recommendations aligned with industry frameworks (e.g., NIST CSF, IEC 62443, CIS Benchmarks) tailored to both Buyer’s CSS and OT risk profiles.Develop a high-level, multi-phase roadmap for strengthening security posture and optimizing cloud architecture over the next 12–18 months.Conduct workshops, guided sessions, and / or document review with Buyer teams to transfer knowledge and build operational confidence in managing OT and cloud-native security.Deliver executive-level summaries and a detailed technical report to enable Buyer stakeholders to track progress and budget for implementation.Scope :
Vendor’s team will evaluate the Buyer’s Azure infrastructure, services, and OT connectivity, and deliver a tactical, risk-driven roadmap for improving posture and performance. Core focus areas include :
Security Configurations
Azure AD, RBAC, Conditional Access, PIM / JIT access, identity protectionDefender for Cloud, Key Vault, MFA enforcement, CNAPP tools such as PrismaNetwork Architecture & OT Connectivity
Review VNets, NSGs, Azure Firewall / NVAs, ExpressRoute, VPNs, Private LinkAnalyze segmentation between IT and OT systems; inspect traffic paths from SCADA, PLCs, or IIoT devices to cloud services OT Service Integration & Data FlowsAzure IoT Hub, Azure Arc, Digital Twins, Azure Stack Edge