Engineer, Cloud Security

Clean Power Alliance
$158,711 - $238,066Hybrid

About The Position

Clean Power Alliance (CPA) is seeking an experienced, detail-oriented, and security-minded professional to join our growing team as Engineer, Cloud Security. This position serves as CPA’s technical lead for cybersecurity architecture and operations with deep expertise in Microsoft enterprise and cloud security platforms. This role designs, oversees, and implements security controls across identity, endpoints, cloud infrastructure, data protection, and CPA’s overall Microsoft enterprise ecosystem to safeguard CPA assets and ensure compliance with the National Institute of Standards and Technology (NIST) security frameworks. The ideal candidate combines deep technical expertise with strong judgment, understands the threat landscape facing critical infrastructure and energy sector organizations, and proactively designs architectures that balance security, usability, and operational efficiency.

Requirements

  • Bachelor’s degree in information technology, computer science, information systems, cybersecurity, or a related field.
  • Minimum of 5 years of experience in cybersecurity, cloud security, or enterprise IT security work.
  • At least one relevant industry cybersecurity certification (e.g., Microsoft SC-100, SC-200, SC-300, AZ-500, CISSP, CISM, or GIAC) or obtain one within 6–12 months of hire.
  • Proficient with Microsoft Office Suite
  • Ability to act with integrity, professionalism, and confidentiality.
  • Ability to fully own tasks and processes with minimal oversight.
  • Ability to handle multiple priorities to meet deadlines and escalate key issues.
  • Strong hands-on experience administering Microsoft Entra ID, including identity governance, conditional access, and privileged identity management.
  • Deep expertise with Microsoft Defender XDR (Defender for Endpoint, Identity, Office 365, and Cloud) for threat detection and response.
  • Proven experience designing and operating Microsoft Sentinel for SIEM, including KQL, analytics rules, workbooks, and automation.
  • Hands-on experience with Microsoft Intune for endpoint management, configuration profiles, compliance policies, and application protection.
  • Working knowledge of Microsoft Purview for data classification, data loss prevention (DLP), insider risk, and information protection.
  • Strong understanding of cloud security posture management, including Microsoft Defender for Cloud and secure configuration baselines.
  • Practical experience applying the NIST Cybersecurity Framework and supporting controls aligned to NIST 800-53 or 800-171.
  • Experience with vulnerability management, threat intelligence, and incident response operations.
  • Well-versed in cloud environments, identity and access management, endpoint security, network security, best-practice security governance, data privacy regulations, and zero-trust architecture principles.
  • Deep understanding of the interactions between systems and how business processes are enabled and impacted by those systems.
  • Must be able to work at a desk and on a computer for prolonged periods.

Nice To Haves

  • Proficient with data visualization tools and software (i.e., Tableau, Power BI).
  • Additional certifications across these tracks are highly desired.
  • Experience supporting a regulated industry (energy, utilities, financial services, healthcare, or public sector) and start-up experience is highly desired.
  • Experience or coursework with cloud platform security services, especially Amazon Web Services; cloud-native security tooling; Windows and Linux endpoint hardening; SQL databases.

Responsibilities

  • Architect, implement, and administer enterprise security solutions across Microsoft platforms including Microsoft Entra ID, Microsoft Defender XDR, Microsoft Intune, Microsoft Sentinel, and Microsoft Purview.
  • Collaborate with the members of the Data and Systems team including but not limited to the Architect to define architectural standards and reference patterns that optimize security posture, scalability, and operational efficiency.
  • Create and maintain security architecture and design documentation.
  • Lead cybersecurity architecture and security design including identity governance, conditional access policies, endpoint protection, and Microsoft cloud security posture management.
  • Implement and tune controls to enforce least privilege, zero-trust principles, and secure device baselines across the enterprise.
  • Manage and coordinate the work of managed security service providers (MSP/MSSP), including vendor oversight, SLA management, and deliverable review.
  • Direct enterprise threat detection, incident response, vulnerability management, and security monitoring programs across the Microsoft enterprise ecosystem.
  • Develop detection content, response playbooks, and automation in Microsoft Sentinel and Defender to reduce mean time to detect and respond.
  • Lead incident documentation and reporting, including timely notification and escalation to senior leadership, and coordination of any required regulatory or contractual reporting within mandated timeframes.
  • Conduct post-incident reviews and track remediation to closure.
  • Develop and maintain cybersecurity policies, standards, and technical roadmaps, including the implementation of NIST Cybersecurity Framework adoption items.
  • Coordinate with audit, regulatory, and risk stakeholders to evidence control effectiveness and close identified gaps.
  • Serve as CPA’s advisor on cybersecurity risk, Microsoft platform security capabilities, and emerging cyber threats while providing IT security support and supporting enterprise security awareness initiatives.
  • Partner with departments to evaluate the security implications of new tools, integrations, and business processes.
  • Partner with Marketing & Communications to secure CPA's public-facing web properties and customer portals, including secure configuration, vulnerability remediation, and third-party/vendor risk for externally hosted sites.
  • Serve as subject matter expert and primary point of contact during audits for security related items.
  • Create, enhance, document, and manage continuous improvement initiatives across the security program.
  • Responsible for identifying inefficiencies, proposing solutions to senior leadership, and leading the implementation of new tools, automation, and reporting frameworks that enable the team to scale and improve various systems.
  • Perform other duties as assigned.

Benefits

  • health care
  • a 401(k)-like match program
  • paid vacation
  • sick leave
  • transportation allowance (for Hybrid option)
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service