Cloud Engineer II

Sentinel Blue

8d•Remote

About The Position

Sentinel Blue is hiring a Cloud Engineer II for our Operations team. This role owns cloud services in client environments and drives improvements that make delivery more consistent and supportable. Most work occurs in Azure Government and Microsoft 365 GCC High, and this position is expected to operate comfortably in regulated cloud platforms and security-driven configurations. Our ideal candidate executes independently, leads changes end-to-end, and communicates clearly with stakeholders. You will collaborate with other engineers, but you are expected to own outcomes, drive issues to resolution, and turn repeat work into clear documentation and reusable automation. This is a full-time position that is fully remote. Due to the nature of our work, you must be a U.S. citizen with eligibility for a clearance. No exceptions. A day in the Cloud Engineer II role: You may run point on identity and access work, lead Microsoft 365 improvements, implement and validate cloud changes, and troubleshoot complex issues that cross identity, endpoint management, and Azure infrastructure. You will join client calls as needed, communicate status clearly, and regularly improve SOPs and automation so recurring work becomes more efficient. What We Can Offer: Sentinel Blue is a young company with a focused mission: We’re bringing enterprise-class cybersecurity to small and medium sized businesses. Frankly, we’re pushing the envelope of how things are done and constantly seeking innovative ways to meet that mission. The pace is fast, and we’re always learning new things. This is a great place if you want to expose yourself to new and emerging technologies, want to be challenged, and want to build your skills. Further, success in this role can quickly transition into a senior engineering, architectural, or technical leadership role. The right person will find themselves in a fun, dynamic environment, working on interesting problems and making a real difference. You will be required to achieve a Security+ certification in the first 6 months of hire; we’ll cover your certification costs and provide paid time for you to study!

Requirements

U.S. citizenship – by nature of our work with the defense industry, all employees must be eligible for a Secret clearance.
3-5 years of relevant engineering experience in cloud environments with demonstrated ownership of systems and change delivery.
Strong hands-on experience with Entra ID, Intune, and Azure in production environments.
Excellent troubleshooting skills and follow-through, including validation and documentation.
Clear written and verbal communication, including client-facing technical discussions.
Proficiency in PowerShell and comfort building reusable automation.
CompTIA Security+ required within 6 months of hire if not already held.

Nice To Haves

Hands-on work in Azure Government, Microsoft 365 GCC High, and/or other FedRAMP Moderate environments
Microsoft 365 tenant migration experience (tenant-to-tenant), including planning, execution support, cutover coordination, and post-migration cleanup; experience with AvePoint or other migration tools are a plus.
Proficiency in core networking fundamentals and practical exposure to platforms such as Fortinet, Meraki, Ubiquiti UniFi, and Cloudflare Zero Trust.
Familiarity with backup and recovery concepts in cloud environments (restore validation, data retention considerations, operational recovery workflows).
MSP or consulting background where you owned delivery across multiple clients and tenants.
Familiarity with compliance-driven engineering expectations (CMMC, NIST 800-171, CIS Controls), including documentation, baselines, and change control.
Bachelor’s or Master's degree in Cybersecurity, Information Systems, Computer Science, Business, or a related field.

Responsibilities

Own Entra ID and cloud identity work across client environments, including integrations and authentication flows.
Design and implement Conditional Access patterns, MFA posture, and break-glass access approaches within standards.
Lead Microsoft 365 workstreams, including tenant configuration improvements and governance-related implementations.
Own Azure delivery work within the approved stack (VMs, storage, networking, AVD), including troubleshooting and remediation.
Lead projects end-to-end, including rollout planning, rollback planning, validation, and closure.
Regularly create SOPs, runbooks, KBs, and diagrams that improve delivery and supportability.
Build and improve reusable automation (PowerShell, Graph, workflow tooling) and refine existing patterns.
Drive permanent fixes for recurring issues and reduce repeat incidents through standards, documentation, and automation.
Participate in client calls as needed and communicate clearly about status, risks, and next steps.