Senior Cloud Engineer

About The Position

Requirements

• Bachelor’s degree or equivalent practical experience
• 7+ years of experience supporting Microsoft-based enterprise environments, with a strong focus on identity, authentication, and directory services
• Strong hands-on experience with Azure, Microsoft Entra ID, hybrid identity, Conditional Access, SSO, Intune, and Active Directory
• Hands-on experience with PowerShell, Microsoft Graph API, and Azure-based identity and hybrid connectivity services
• Experience leading complex infrastructure, identity, or modernization initiatives in production environments
• Solid understanding of identity security, privileged access, and Zero Trust concepts
• Ability to work through ambiguity, manage competing priorities, and make sound technical decisions in a fast-paced environment
• Strong communication skills and the ability to work effectively across technical and non-technical teams
• Ability to work additional hours as needed, including nights and weekends

Nice To Haves

• Experience with VMware and NetApp is a plus
• Microsoft Azure Administrator (AZ-104) and other relevant Microsoft identity or security certifications are preferred

Responsibilities

• Owns and evolves the Firm’s Microsoft Entra ID and hybrid identity environment, including Conditional Access, Enterprise Applications, and SSO across SAML and OIDC-integrated applications
• Designs and maintains authentication and access controls, including MFA, passwordless authentication, Windows Hello for Business, certificate-based authentication, and administrative account segmentation
• Manages privileged access controls, including role-based access, PIM, and related administrative security standards
• Leads the transition from legacy authentication models to cloud-first identity, including migration of ADFS-integrated applications, adoption of Password Hash Sync where appropriate, and significant reduction of legacy authentication dependencies
• Improves visibility, monitoring, and security controls across the identity platform, in partnership with IT Security
• Leads Active Directory upgrades and improvements, including domain and forest planning, domain controller lifecycle management, replication health, and related directory services
• Maintains and optimizes core infrastructure services including Active Directory, PKI, DNS, DHCP, and DFS/DFSR
• Contributes to broader infrastructure initiatives, including NetApp storage optimization and NFS modernization, and supports VMware-based hybrid infrastructure where needed
• Builds and maintains PowerShell automation for identity, infrastructure, and operational workflows
• Develops scripts and integrations using Microsoft Graph API for provisioning, reporting, and administrative tasks
• Maintains clear technical documentation, standards, and runbooks to support operations and project delivery
• Acts as a technical lead on identity and infrastructure projects from design through post-implementation review
• Partners with Security, Application Development, and Operations teams to deliver secure, practical solutions
• Troubleshoots complex authentication, access, and hybrid identity issues in a 24/7 production environment
• Takes ownership of high-priority and unplanned work and drives issues through to resolution with minimal oversight
• Participates in an on-call rotation and provide after-hours support when needed
• Performs additional duties as assigned

Benefits

• paid time off
• medical
• dental
• vision care
• 401(k)
• substantial health club discounts
• discretionary bonus(es)