Senior Microsoft Cloud Engineer (SME)

About The Position

Requirements

• Must be able to obtain and maintain a Public Trust Tier 2 clearance.
• Must successfully pass an FBI criminal check and fingerprinting conducted by the U.S. Capitol Police.
• A Bachelor’s degree in Information Technology, Cybersecurity, or a related field (or equivalent experience) is preferred.
• Must possess (or have held equivalent prior certifications) the following current Microsoft credentials, maintained for a minimum of 5 years: Microsoft 365 Certified: Administrator Expert, Microsoft Certified: Cybersecurity Architect Expert, Microsoft Certified: Azure Solutions Architect Expert, Microsoft 365 Certified: Endpoint Administrator Associate, Microsoft Certified: Identity and Access Administrator Associate, Microsoft Certified: Windows Server Hybrid Administrator Associate, Microsoft 365 Certified: Teams Administrator Associate, Microsoft Certified: Information Security Administrator Associate.

Responsibilities

• Microsoft Cloud Platform Engineering: Design, implement, operate, and optimize Microsoft 365, Azure, and Microsoft Security services to ensure reliability, scalability, and performance.
• Security Architecture & Compliance: Implement and maintain cloud security controls aligned with NIST SP 800-53, Zero Trust Architecture (NIST SP 800-207), and FedRAMP Moderate requirements. Implement incident response and disaster response playbooks that integrate into existing documentation.
• Identity & Access Management: Fully implement and manage a hybrid Active Directory M365 and Entra environment. Administer identity services using Microsoft Entra ID, Conditional Access, privileged access controls, and least-privilege models. Lock down remote PowerShell access for administrative tasks across Azure and Entra APIs.
• Endpoint Management & Autopilot: Create and manage all aspects of Windows, MacOS, and Apple iOS devices in Intune, including compliance and policy delivery. Manage Autopilot delivery of operating system images and software on-demand for environments of at least 700 endpoints.
• Security Operations Enablement: Configure and manage Microsoft Defender, Sentinel, and Purview. Manage data sources feeding into Microsoft Sentinel, including ongoing health reporting and alerting on ingest log data quality.
• Collaboration & Messaging Services: Manage and support Exchange Online, Microsoft Teams, SharePoint Online, and related M365 workloads.
• Azure Infrastructure & Cost Management: Provide engineering support for Azure infrastructure and cloud networking. Set up spending budget configurations in Azure, including alerting and reporting for potential overages against budgets with 90 days lead time.
• Automated Reporting: Implement automated reporting and dashboard creation using Power BI, including systems health monitoring, compliance reports, and utilization reports across all cloud infrastructure.
• Advisory & Documentation: Serve as a senior technical advisor to internal stakeholders. Support formal change management processes and maintain technical documentation and standard operating procedures.