Cloud Security Engineer

C&G Consulting Services, Inc
Morristown, NJ

This job is onsite 3 days a week. Must be a US Citizen or Green Card holder. PLEASE DO NOT APPLY if you are not a US Citizen or Green Card holder.


Job Description:

As a Cloud Security Engineer, you'll be a central part of our security operations. Your work directly protects our Microsoft 365 and Azure environments, safeguards sensitive financial data, and helps us maintain a resilient security posture. You’ll play a hands-on role in monitoring alerts, investigating incidents, and improving how we secure and manage our cloud infrastructure.


Key Responsibilities

Security Operations (Primary Focus)

  • Monitor, triage, and respond to security alerts across Microsoft Defender (Endpoint, Office 365, Identity, Cloud Apps)
  • Investigate and remediate incidents in partnership with our MDR provider (Arctic Wolf), following documented incident response procedures
  • Coordinate vulnerability scanning and remediation efforts across systems and teams, tracking remediation timelines
  • Manage identity access and configuration controls within Entra ID, including access reviews and privilege management
  • Maintain and refine Conditional Access policies, MFA settings, and identity protection controls based on emerging threat landscapes
  • Review and act on Defender for Cloud and Sentinel security recommendations with documented justification for approved exceptions
  • Maintain Intune compliance policies and security baselines, ensuring alignment with security standards
  • Support DLP and information protection initiatives across Microsoft 365, including policy configuration and exception handling
  • Document security incidents, investigations, and resolutions for audit and compliance purposes
  • Participate in on-call rotation (TBD frequency) to address urgent security matters outside business hours

Security Engineering & Continuous Improvement

  • Partner with Microsoft solution providers and internal engineering teams to enhance controls and implement security improvements
  • Assist in designing and implementing new security policies and configuration improvements across the Microsoft ecosystem
  • Contribute to automation initiatives and workflow optimization to reduce manual security operations work
  • Develop and maintain runbooks and standard operating procedures for common security scenarios
  • Participate in security planning, architecture discussions, and project work related to cloud infrastructure
  • Conduct security research and stay current with emerging threats and Microsoft security best practices
  • Contribute to security awareness and training initiatives within the organization
  • Maintain technical documentation related to security controls, policies, and configurations

🎯 What You Bring

Required

  • 2–4 years of hands-on experience with Microsoft cloud security tools (Azure, Defender, Entra ID, Intune, Microsoft Purview) in production environments
  • Practical experience investigating and remediating incidents in Microsoft 365 environments using Microsoft Defender and/or Microsoft Sentinel
  • Understanding of Conditional Access policies, MFA enforcement strategies, patching workflows, and identity security principles
  • Comfort navigating Azure Portal and demonstrating foundational cloud security concepts
  • Working knowledge of ITIL incident management or formal incident response frameworks
  • Familiarity with compliance and audit concepts (SOC 2, financial regulations) as they relate to cloud security
  • Strong troubleshooting and problem-solving skills with the ability to work independently and escalate appropriately
  • Clear communication skills—ability to document findings, explain technical concepts to non-technical stakeholders, and collaborate across teams
  • Curiosity and initiative to understand the business purpose behind security controls and how they enable operations

Preferred

  • Experience with Azure/Microsoft Sentinel SIEM environments or log analysis
  • MDR/SOC workflow familiarity and experience working with managed detection and response providers
  • SC-200 (Security Operations Analyst) or AZ-500 (Azure Security Engineer Associate) Microsoft certification
  • Exposure to PowerShell or automation scripting concepts for security tasks
  • Financial services, fintech, or regulated environment experience (HIPAA, GLBA, mortgage industry compliance)
  • Experience collaborating with MSPs or Microsoft partners during implementations or security reviews
  • Hands-on experience with threat modeling or security architecture reviews
  • Familiarity with MITRE ATT&CK framework for understanding attack techniques and adversary behaviors
  • Exposure to identity governance and access management (IGAM) concepts

Our Environment

  • 100% Microsoft cloud environment: Microsoft 365 E5, Azure, Entra ID, Microsoft Purview, and hybrid infrastructure
  • Full Microsoft Defender suite: Endpoint, Office 365, Identity, and Cloud Apps
  • Microsoft Sentinel for SIEM and advanced threat detection
  • Arctic Wolf as our MDR partner, providing 24/7 managed detection capabilities
  • Primarily remote workforce with collaboration-driven culture and modern security tools
  • Quisitive and Bishop Fox partnerships for additional security expertise and assessments
  • Strong emphasis on automation, documentation, and continuous improvement
