Senior Identity & Cloud Security Engineer

Friedman Williams
Columbia, SC
Hybrid

About The Position

This is a hybrid role based in Washington, DC, requiring deep, hands-on expertise in cloud identity platforms, SaaS access governance, Zero Trust architectures, and modern authentication and authorization controls. The role operates with significant autonomy and exercises independent judgment in designing and implementing security controls that protect sensitive legal and client data.

Requirements

  • Bachelor’s degree in Computer Science, Information Systems, or a related field (or equivalent professional experience).
  • 8+ years of progressive experience in information security, with deep specialization in identity, cloud, and SaaS security.
  • Demonstrated hands-on experience with Azure Entra ID (Azure AD).
  • Strong understanding of modern IAM concepts, including federation, OAuth/OIDC, SAML, SCIM, conditional access, and Zero Trust.
  • Proven ability to design and implement secure, scalable identity architectures in complex environments.
  • Strong scripting and automation skills (e.g., PowerShell, APIs).
  • Excellent written and verbal communication skills, with the ability to explain complex security concepts to technical and non-technical stakeholders.
  • CISSP (required)

Nice To Haves

  • Desire to mentor and train junior team members, fostering skill development and knowledge sharing across the team.
  • Experience with AWS and other cloud platforms is a plus.
  • Infrastructure-as-code and identity automation experience preferred.
  • Cloud and identity-focused certifications strongly preferred, such as: Microsoft Azure Security Engineer / Identity certifications, CCSP, or equivalent advanced cloud security certifications.

Responsibilities

  • Architect, implement, and operate enterprise-grade identity and access management (IAM) solutions across cloud and SaaS platforms.
  • Design and enforce Zero Trust identity controls, including MFA, conditional access, device trust, least privilege, and risk-based authentication.
  • Own identity lifecycle management, including provisioning, deprovisioning, access reviews, and privileged access management (PAM).
  • Secure and govern SaaS applications through SSO, federation, SCIM, and access policy enforcement.
  • Lead identity hardening initiatives across Azure Entra ID (Azure AD) and other cloud identity platforms.
  • Familiarity with cloud pen testing tools to address weaknesses and vulnerabilities.
  • Define and maintain security architecture standards for cloud (IaaS/PaaS) and SaaS environments, with a strong emphasis on identity-first design.
  • Partner with IT and application owners to securely onboard new cloud and SaaS services.
  • Evaluate emerging cloud and identity technologies and make recommendations aligned with firm risk tolerance and business needs.
  • Provide guidance on cloud security governance, configuration standards, and secure design patterns.
  • Identify, assess, and prioritize identity- and cloud-related vulnerabilities; validate remediation and risk acceptance decisions.
  • Support incident response activities related to identity compromise, SaaS misuse, and cloud security events.
  • Review higher-risk applications and integrations to ensure compliance with security policies and identity standards.
  • Assist with client security assessments and due diligence requests, particularly related to identity, access controls, and cloud security posture.
  • Develop and maintain security policies, standards, and procedures related to identity and cloud security.
  • Support compliance initiatives aligned with frameworks such as ISO 27001, NIST, and client-driven security requirements.
  • Contribute to security awareness efforts with a focus on authentication hygiene and access risk.