Cloud Security Engineer

Cloud Security Engineer (Azure/M365)

Excelling in tackling challenges in cybersecurity, program governance, strategic planning, business process efficiency, and learning enhancement. Our team is composed of seasoned professionals with military, civilian, and private-sector backgrounds. We grow together-sharing knowledge, solving tough challenges, and providing certified cybersecurity services to federal and commercial organizations.

Position Summary: We're seeking a cloud security engineer with a strong Microsoft focus with hands-on experience in Azure and Microsoft 365 environments to secure our systems, support secure tenant migrations, and help ensure compliance with frameworks like CMMC, NIST SP 800-171, and Zero Trust architecture.

Core Responsibilities:

• Design and implement cloud security controls aligned with Zero Trust, NIST, and company policies
• Manage identity and access (RBAC, PIM, MFA, Conditional Access) in Azure AD / Entra ID
• Support and secure Microsoft 365 tools including Exchange, SharePoint, Teams, and OneDrive
• Assist with secure Azure tenant configuration and migrations, including AvePoint or other migration platforms
• Help implement DLP, data classification, and retention policies using Microsoft Purview
• Monitor and remediate vulnerabilities and system misconfigurations
• Provide Tier 3 support for performance and security-related issues
• Contribute to compliance efforts (CMMC, NIST SP 800-171, RMF), documenting policies and controls
• Collaborate across IT and business teams to align cloud security with evolving needs
• Identify root causes of performance issues in Microsoft environments and implement corrective actions.
• Occasionally respond to major incidents or planned changes outside regular business hours.

Required Skills & Technologies:

• Deep experience in the Microsoft security stack: Entra ID, Intune, Microsoft 365 Defender, Azure Security Center, Microsoft Sentinel, Microsoft Purview
• Microsoft 365 administration: Exchange Online, SharePoint Online, Teams, OneDrive
• Azure administration: RBAC, PIM, policies, and automation
• AvePoint: Expertise in tenant migration and cross-platform data transfer and backups
• Security Compliance: Familiarity with CMMC, DoD RMF, NIST SP 800-171, and IA policies
• Experience securing information systems/networks to NIST, CIS, ISO 27001, and other control sets
• Firewall administration (e.g., FortiGate, Palo Alto, SonicWall)

Education, Experience & Certifications:

• Bachelor's Degree in Information Technology, Cybersecurity, or related field
• Minimum 3 years experience in Microsoft 365 Administration

Hands-on experience with some or most of the following:

• Azure Security Center / Microsoft Defender
• Microsoft Sentinel
• Intune or Purview
• Exchange Online / SharePoint / Teams
• Identity governance (RBAC, MFA, Conditional Access)
• PowerShell scripting
• Familiarity with security frameworks (CMMC, NIST SP 800-171, RMF, CIS)
• A collaborative mindset, curiosity to learn, and ability to adapt in a fast-paced environment
  • Preferred Certifications (or ability to obtain):
    • AZ-500: Microsoft Azure Security Engineer
    • SC-300: Microsoft Identity and Access Administrator
    • SC-200: Microsoft Security Operations Analyst
    • AZ-104: Microsoft Certified: Azure Administrator Associate

Benefits Overview: Full-time employees are offered comprehensive and competitive benefits package including paid vacation, sick leave, holidays, health insurance, life insurance, military leave, training, tuition reimbursement, a wellness program, short- and long-term disability, 401(k) retirement plan with company matches/immediate vesting, commuter benefits, and more.

EEO Policy: It is our policy to promote equal employment opportunities. All personnel decisions, including, but not limited to, recruiting, hiring, training, promotion, compensation, benefits, and termination, are made without regard to race, creed, color, religion, national origin, sex, age, marital status, sexual orientation, gender identity, citizenship status, veteran status, disability, or any other characteristic protected by applicable federal, state or local law.