Azure Security Engineer (Azure DevOps and YAML)

Job Title: Azure Security Engineer (Azure DevOps and YAML)

Location: Remote

Duration: 6-12 months

Position Overview: We are looking for a talented Azure Security Engineer with a strong focus on Azure DevOps and YAML. The ideal candidate will be responsible for defining and implementing secure YAML secrets patterns and migrating pipelines from Classic to YAML with Conjur-backed secrets. This role requires a deep understanding of Azure DevOps, pipeline security, and integration with Conjur for secret management. The Azure Security Engineer will work closely with development and operations teams to enhance the security and efficiency of our CI/CD processes.

Key Responsibilities:

Define and implement standard YAML secrets patterns for secure pipeline management.

Migrate Azure DevOps pipelines from Classic to YAML, integrating Conjur-backed secrets.

Design and manage Azure DevOps YAML pipelines, including templates, variable templates, stages, runtime expressions, and pipeline decorators.

Transition Azure DevOps Classic pipelines, focusing on release definitions, variable groups, and task groups as migration sources.

Integrate Conjur with Azure DevOps, configuring extensions, custom tasks, and utilizing Summon/REST-based secret retrieval.

Modify home-grown deployment tools using C# to consume Conjur secrets effectively.

Design reusable YAML templates to standardize secret retrieval across teams.

Manage service connections, implement managed identities, and support workload identity federation.

Implement secret masking, output suppression, and pipeline security hardening to protect sensitive information.

Qualifications:

Proven experience as an Azure Security Engineer or similar role with a focus on Azure DevOps and YAML.

Strong expertise in designing and managing Azure DevOps YAML pipelines.

Experience with Azure DevOps Classic pipelines and migration to YAML.

Proficiency in integrating Conjur with Azure DevOps for secret management.

Strong C# programming skills for modifying deployment tools.

Experience in designing reusable YAML templates for team-wide use.

Knowledge of service connections, managed identities, and workload identity federation.

Familiarity with secret masking, output suppression, and pipeline security best practices.

Excellent problem-solving skills and attention to detail.

Strong communication and collaboration skills.