Job Description

Role Objective
The Azure Data Platform Security Engineer will be responsible for designing, implementing, testing, and validating technical security controls across Azure Data Factory (ADF) and Azure Data Lake environments.
The role ensures that all ingested and processed data is securely protected through robust row-level security, column-level security, and data masking mechanisms--while maintaining business ownership and alignment with approved data access rules.
Key Responsibilities
1. Data Security & Access Control

• Design and implement row-level and column-level security based on business rules, roles, and data ownership.
• Develop and apply data masking logic and scripts for sensitive data in ingestion, transformation, and consumption layers.
• Ensure security policies are enforced consistently across the full data lifecycle.

2. Azure Data Platform Security

• Embed security and access controls into ADF pipelines, ensuring data is protected at rest and in transit.
• Configure and enforce least-privilege access using:

• Azure RBAC
• Azure Data Lake ACLs
• Managed Identities
• Secure Integration Runtimes
• Secure all credentials, secrets, and keys using Azure Key Vault with zero hardcoding of sensitive information.

3. Collaboration & Governance

• Collaborate with business stakeholders, data owners, and process owners to:

• Define security use cases
• Approve access control rules
• Validate masking and visibility requirements
• Ensure compliance with organizational data governance and security policies.

4. Testing, Validation & Assurance

• Perform end-to-end testing of security controls including:

• Row-level & column-level access enforcement
• Data masking validation
• Unauthorized access prevention
• Support UAT and assurance reviews by demonstrating working security controls aligned with approved requirements.

5. Documentation & Audit Readiness

• Produce clear, audit-ready documentation covering:

• Implemented security controls
• Test cases, results, and evidence
• Access and ownership approvals
• Assist internal and external audits with explanations and evidence of design and security decisions.

Required Skills & Experience
Technical Skills

• 5-6 years of experience in Azure data platform engineering and security
• Strong hands-on expertise in:

• Azure Data Factory
• Azure Data Lake Gen2
• Azure RBAC & ACLs
• Azure Key Vault
• Managed Identities
• Solid understanding of:

• Data security concepts
• Row-level & column-level security
• Data masking techniques
• Least-privilege access models

Soft Skills

• Excellent stakeholder management and communication skills
• Ability to convert business security requirements into technical implementations
• Highly detail-oriented with strong focus on compliance and audit preparedness
• Self-driven, capable of working independently in a project-based delivery environment

Preferred Qualifications

• Azure certifications such as AZ-500 or DP-203
• Experience in regulatory/compliance-driven environments
• Familiarity with enterprise data governance and assurance frameworks

Vertical:
Technology

Skills Required