Cloud Systems Engineer

Agile Defense•McLean, VA

About The Position

We’re seeking a proactive Cloud Systems Engineer to join our IT and security engineering team. This role focuses on designing, automating, and securing cloud, identity, and endpoint platforms across Azure, Entra ID, Microsoft 365, and AWS. The ideal candidate has experience with cloud infrastructure, identity management, scripting, automation, and endpoint security, and approaches system design with a security-first mindset. This individual will help build scalable, automated environments while supporting tenant migrations, platform integrations, and improvements to reliability and security. Cloud Systems Engineer (Azure / AWS / Identity) SUMMARY We’re seeking a proactive, self-motivated Cloud Systems Engineer to join our IT Operations and security engineering team. This role focuses on designing, automating, and securing cloud and identity platforms across Microsoft Azure, Entra ID, Microsoft 365, and AWS. The ideal candidate has strong experience with cloud infrastructure, identity management,scripting, and automation, and approaches system design with a security-first mindset. This engineer will help design scalable cloud solutions, automate operational processes, and support initiatives such as tenant migrations, platform integrations, and security improvements.

Requirements

5+ years of experience in cloud engineering, infrastructure engineering, or systems engineering.
Hands-on experience with Microsoft Azure and/or AWS environments.
Experience administering enterprise identity platforms such as Entra ID.
Experience with PowerShell or similar scripting for automation.
Familiarity with APIs and cloud service integrations.
Experience supporting Microsoft 365 environments.
Bachelor’s degree in Information Technology, Computer Science, or related field preferred.

Nice To Haves

Familiarity with infrastructure-as-code, tenant-as-code and automation frameworks
Experience with compliance frameworks (NIST 800-171, CMMC, SOC2, etc.)
Knowledge of cloud security monitoring and logging platforms (Defender, Splunk, Sentinel,Elastic)
Exposure to DevOps or platform engineering practices
Strong understanding of security best practices for cloud and identity platforms
One or more of the following certifications is preferred: Microsoft Azure Administrator Associate or Security Engineer AWS Solutions Architect Microsoft Identity and Access Administrator Security+ or similar security-focused certifications GIAC Cloud Security Essentials

Responsibilities

Design, deploy, and maintain infrastructure and services within Azure and AWS environments.
Administer IdM platforms such as Entra and Okta, including authentication policies,conditional access, and identity governance.
Develop automation using PowerShell, Terraform, Ansible or other scripting languages tostreamline cloud and operational processes.
Integrate systems and services using APIs and modern authentication protocols (SAML,OAuth, OIDC, SCIM).
Administer and support Microsoft 365 services including Exchange Online, Teams,SharePoint, and OneDrive.
Support Microsoft Purview configuration related to data governance, compliance, andinformation protection.
Plan and assist with tenant migrations across Microsoft 365 and cloud environments.
Implement and maintain security best practices across cloud infrastructure and identitysystems.
Monitor cloud environments and investigate performance, operational, or security issues.
Maintain technical documentation for systems, automation, and operational procedures.
Collaborate with engineering and security teams to improve platform reliability, securityposture, and operational efficiency.
Manage endpoint lifecycle and security across Windows and macOS devices using Microsoft Intune and Autopilot, including device enrollment, configuration policies, compliance enforcement, and endpoint management best practices.