Senior Cloud & Security Engineer

About The Position

Requirements

• Bachelor’s degree in computer science, Information Technology, or related field or 10+ years of subject matter experience.
• 7+ years of experience in cloud infrastructure or cybersecurity engineering.
• 3+ years of hands-on experience securing Azure cloud environments.
• Practical experience with SIEM platforms (Microsoft Sentinel preferred).
• Experience managing endpoint security platforms such as CrowdStrike or Microsoft Defender.
• Strong experience with identity security and Microsoft Entra ID.

Nice To Haves

• Azure security architecture and networking.
• Microsoft Sentinel SIEM.
• Microsoft Entra ID identity and access security.
• Microsoft Intune (Endpoint Manager) device and application management.
• Endpoint Detection and Response (CrowdStrike / Microsoft Defender).
• PowerShell and security automation scripting.
• Security monitoring, threat detection, and incident response.
• Ability to translate security architecture into practical, operational engineering solutions.
• Strong analytical, troubleshooting, and problem-solving skills.
• Excellent documentation and communication abilities.
• Proven experience collaborating with architecture, infrastructure, and SOC teams.

Responsibilities

• Lead configuration, tuning, and ongoing optimization of the Microsoft Sentinel SIEM platform.
• Develop and maintain analytics and detection rules, automated response playbook, and security workflows and alerting logic.
• Integrate telemetry from cloud, endpoint, identity, and network sources into Sentinel.
• Partner closely with Navvis’ SOC provider to enhance detection coverage, alert quality, and response effectiveness.
• Engineer and manage enterprise endpoint security and device management capabilities, including Microsoft Intune, CrowdStrike Falcon, and Microsoft Defender for Endpoint.
• Design and maintain device compliance, configuration, and security baselines across Windows, macOS, iOS, and Android platforms.
• Implement and manage device enrollment strategies, compliance policies, configuration profiles, and application protection policies (MAM).
• Ensure endpoint security controls align with Zero Trust and identity-driven access models.
• Support investigation, containment, and remediation of endpoint-based security threats.
• Design and manage identity security solutions within Microsoft Entra ID, including Conditional Access policies, Identity Protection, Privileged Identity Management (PIM), and Identity lifecycle and access governance.
• Integrate Intune device compliance and health signals with Conditional Access policies to enforce Zero Trust access decisions.
• Implement and support a Zero Trust identity architecture across the enterprise.
• Develop security automation using Azure Logic Apps, Microsoft Sentinel Playbooks, PowerShell, and Microsoft Graph APIs.
• Integrate security platforms with incident management, ticketing, and operational tooling to streamline response and reporting.
• Serve as the technical lead for cloud security engineering initiatives and implementations.
• Partner with the Principal Enterprise Architect – Cloud & Security to translate architectural strategy into operational deployment.
• Provide design input and engineering leadership for Azure Landing Zones, secure network architectures, and enterprise security monitoring frameworks.
• Act as the backup authority for cloud and security architecture decisions when the principal architect is unavailable.
• Support enterprise compliance initiatives, including SOC 2, HITRUST, HIPAA, and related frameworks.
• Assist with security control implementation, documentation, and audit evidence collection.
• Participate in risk assessments, security design reviews, third-party vendor and technology evaluations.
• Support enterprise incident response processes for cloud, identity, and endpoint security events.
• Investigate security alerts in collaboration with SOC analysts and infrastructure teams.
• Develop and maintain incident response runbooks and security playbooks.

Benefits

• Competitive total rewards strategy
• Volunteering and social engagement activities
• Company experiences that challenge you to think differently and do different things as part of our never stop learning ecosystem
• Medical insurance
• Dental insurance
• Vision insurance
• 401K with a safe harbor contribution
• Paid Time Off plan starting at 2+ weeks