Cloud Security Engineer - Azure

Who We Are:

At Avnet, relationships matter. We are a global, FORTUNE ® 500 technology distributor and solutions company that delivers design, supply chain and logistics expertise to customers at every stage of a product's lifecycle. Our employees have a front row seat to the latest innovations shaping the world we live in and the future we share. We're driven to help our customers around the world succeed and we do so by earning the trust of some of the biggest names in technology.

Working at Avnet means being a part of a global team. We work collaboratively and with integrity, doing business the right way. For more than a century, we have partnered together to help our customers, suppliers and teammates realize the transformative possibilities of technology. Experience what's next at Avnet!

Job Summary

Develops, maintains, and enhances secure cloud platform solutions in support of Business Cloud Services delivery. Performs hands-on security operations, automates repeatable security and governance processes, and coordinates remediation activities across Azure, GitHub Enterprise, and BCS-managed applications. Collaborates with BCS developers, architects, leadership, and Security teams to help ensure cloud solutions are designed, delivered, and operated securely. Supports shift-left security practices by providing practical, developer-friendly security guidance and helping teams identify, prioritize, and remediate security findings efficiently.

Principal Responsibilities

• Supports the implementation, operation, and continuous improvement of security controls for BCS-managed Azure resources and cloud platform services.

• Monitors, reviews, triages, and coordinates remediation of security findings from Microsoft Defender for Cloud and other approved security tools.

• Assists with security exception and exemption requests by gathering required technical details, validating business and technical context, and supporting approval workflows.

• Validates remediation actions, tracks closure of security findings, and helps ensure issues are resolved in alignment with approved security requirements and timelines.

• Implements and maintains Microsoft Entra ID security groups, app registrations, service principals, managed identities, and related identity and access configurations.

• Executes RBAC assignments and access changes in accordance with approved access models, least privilege principles, and operational requirements.

• Supports Microsoft Entra Privileged Identity Management role assignments, activations, reviews, and related privileged access processes.

• Assists with access reviews, audits, and compliance activities by validating access, configurations, and supporting evidence.

• Supports security controls within GitHub Enterprise, including repository-level security practices, access controls, and development workflow security.

• Assists with CI/CD security practices, including use of GitHub Advanced Security, secure pipeline configuration, and remediation of pipeline or repository security findings.

• Triage and track application, repository, and software supply chain security findings using Security-provided tools such as Legit Security, ArmorCode, or similar platforms.

• Works directly with BCS developers, architects, and engineering teams to coordinate remediation activities and resolve vulnerabilities with minimal disruption.

• Tracks vulnerabilities, ownership, remediation status, recurring issues, and blockers; escalates risks and trends to BCS leadership as appropriate.

• Automates repeatable security, governance, access, and remediation tasks using scripting, templates, tooling, and standard processes.

• Develops and maintains reusable security templates, patterns, and standards for identity and access configurations, CI/CD security controls, common remediation scenarios, and cloud security operations.

• Supports the use of AI-enabled solutions to improve security operations, visibility, triage, prioritization, and identification of recurring risk patterns.

• Partners with BCS engineering, development, and Security teams to ensure AI-enabled security solutions are used securely, responsibly, and in alignment with enterprise expectations.

• Serves as an operational contact for BCS security issues, including investigation support, technical information gathering, log collection, and coordination with appropriate stakeholders.

• Escalates security incidents, operational risks, remediation blockers, and recurring issues to BCS leadership and Security teams as needed.

• Provides practical, developer-friendly security guidance to support shift-left security practices and improve secure development behaviors across BCS teams.

• Documents security processes, platform configurations, remediation procedures, templates, and operational best practices.

• Other duties as assigned.

Job Level Specifications

• Applies strong working knowledge of cloud security, Azure security services, Microsoft Entra ID, RBAC, privileged access management, GitHub Enterprise, CI/CD security, and DevSecOps practices.

• Develops solutions to complex operational and security challenges involving cloud resources, identity and access management, repository security, pipeline security, vulnerability remediation, and application security findings.

• Works independently on assigned security operations, remediation, automation, and platform support activities while using judgment to evaluate risks, prioritize issues, and recommend practical solutions.

• Collaborates across BCS engineering, development, architecture, leadership, and Security teams to coordinate remediation activities and improve the security posture of BCS-managed applications and cloud environments.

• May provide technical guidance and support to developers and engineering teams on secure configuration, remediation approaches, access models, CI/CD controls, and shift-left security practices.

• Contributes to the development and improvement of security standards, reusable templates, automation patterns, operational procedures, and best practices for BCS cloud and application environments.

• Identifies recurring security issues, operational inefficiencies, and risk patterns; recommends improvements to reduce manual effort, improve consistency, and strengthen security outcomes.

• Decisions and actions may impact cloud security posture, application risk, audit readiness, operational continuity, and the ability of BCS teams to deliver secure cloud solutions.

Work Experience

Typically 8+ years with bachelor's or equivalent.

Education and Certification(s)

Bachelor's degree or equivalent experience from which comparable knowledge and job skills can be obtained.

Distinguishing Characteristics

Typically requires experience supporting cloud environments, security operations, DevSecOps practices, platform engineering, application security, or related technology functions.

Experience should include hands-on work with Azure security, Microsoft Defender for Cloud, Microsoft Entra ID, RBAC, privileged access concepts, GitHub Enterprise, CI/CD pipelines, vulnerability remediation, and automation of operational or security tasks.

This role is focused on hands-on cloud security operations, remediation coordination, identity and access support, GitHub and CI/CD security, application and supply chain security, and security automation for BCS-managed environments.

The position is distinguished by its embedded role within the BCS engineering team and its close collaboration with developers, architects, leadership, and the Security team. Successful performance requires the ability to translate security findings into actionable remediation steps, support developers with practical guidance, and help strengthen security practices without creating unnecessary delivery friction.

The role requires strong familiarity with Azure security services, Microsoft Defender for Cloud, Microsoft Entra ID, RBAC, PIM, GitHub Enterprise, CI/CD security practices, and automation through scripts, templates, or tooling. Preferred experience includes GitHub Advanced Security, Legit Security, ArmorCode, AI-assisted operational approaches, and prior experience in a DevSecOps or cloud engineering environment.

Preferred certifications or training may include:

• Microsoft Azure security or administrator certification

• Microsoft identity and access management certification

• GitHub Advanced Security or GitHub Enterprise training

• Cloud security, DevSecOps, or application security certification

• Related certifications in cybersecurity, cloud engineering, or infrastructure automation

#LI-HYBRID

What We Offer:

Our employees work hard to live our values and help us grow. Our total rewards strategy supports Avnet's ability to attract, engage, develop, and reward our employees, while promoting a diverse and inclusive environment. We offer competitive compensation and benefit programs - from time away and flexible working arrangements to programs supporting employee well-being and opportunities to give back to your community.

• Generous Paid Time Off

• 401K and Pension Plan

• Paid Holidays

• Family Support (Paid Leave, Surrogacy, Adoption)

• Medical, Dental, Vision, and Life Insurance

• Long-term and Short-term Disability Insurance

• Health Savings Account / Flexible Spending Account

• Education Assistance

• Employee Development Resources

• Employee Wellness, Leadership Development and Mentorship Programs

Benefits listed above may vary depending on the nature of your employment with Avnet.

The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills.

Avnet is an Equal Opportunity Employer committed to providing equal opportunities to all employees and applicants for employment without regard to race, color, religion, ancestry, national origin, sex (including pregnancy), age, marital status, sexual orientation, gender identity or expression, disability, veteran status, genetic information or any other characteristic protected by law. This policy of non-discrimination also applies to religious dress and grooming practices. Avnet will accommodate employee religious dress standards and grooming practices that do not result in undue hardship for the Company. If you are interested in applying for employment with Avnet and need special assistance or an accommodation to apply for a posted position contact our Human Resources Service Center at View phone number on click.appcast.io.