Senior Security Engineer

Role Summary

Senior IT Security Engineer on the Cloud Security team responsible for leading the design and implementation of enterprise-grade security solutions for cloud environments such as Azure, AWS, and Microsoft 365. Requires extensive cloud security experience and collaboration with security architects and cross-functional teams to embed security across cloud infrastructure, enterprise applications, and services.

Responsibilities

• Lead the design, development, and implementation of scalable, cloud-native security architectures across Azure, AWS, and Microsoft 365.
• Partner with engineering, product management, and infrastructure teams to embed security into the development lifecycle and IT operations, aligning with enterprise risk posture.
• Evaluate enterprise business applications, review security settings, and ensure deployments adhere to policies and best practices.
• Define, document, and maintain security standards, guidelines, and best practices.
• Drive evaluation, implementation, and optimization of security technologies (e.g., Azure Security Center, AWS Security Hub, Intune, Defender, Entra ID, Conditional Access).
• Architect and implement BYOD security strategies and device control frameworks using MDM/MAM, conditional access, and identity-based policies.
• Apply Zero Trust principles with identity-driven security, continuous verification, and least-privilege access models.
• Conduct security risk assessments and ensure regulatory and policy compliance.
• Collaborate with cross-functional teams to strengthen controls across platforms and enterprise applications.
• Use metrics and data analysis to drive risk-informed decision-making and communicate insights to senior leadership.
• Participate in security incident response and investigations, providing architecture-level support.
• Champion security awareness and support training initiatives across the business.
• Assist in build-buy-partner decisions for security technologies in collaboration with Security Operations and procurement.
• Gather and prioritize business and technical requirements to align security solutions with organizational goals.

Qualifications

• 5+ years of experience in information security with a focus on cyber security architecture and design.
• Hands-on experience identifying, deploying, and configuring security technologies.
• Extensive knowledge of encryption, authentication (SSO, MFA, Managed Identities, service principal, App registrations, conditional access design), access control (RBAC, ABAC), and network security.
• Experience with cloud security technologies such as Entra, Intune, Conditional Access, Endpoint Protection, Defender, MDM, MAM, EOP, SSO.
• Proven ability to design and implement controls for secure access to corporate apps/data from BYOD platforms using Intune, Conditional Access, and Entra ID.
• Proven ability to lead and manage complex security projects from concept to completion.
• Excellent communication skills for technical and non-technical stakeholders.
• Up-to-date with cloud security technology landscape and developments.
• Experience troubleshooting and resolving issues related to security technologies, systems, access, and applications.
• Ability to quickly learn and adapt to new technologies while adhering to security principles.
• Experience working with cross-functional teams, leading projects, and driving initiatives to completion.
• Understanding of Enterprise Architecture and the role of security within it.
• Proficient in PowerShell scripting, automation, SQL, and related tools.
• Strong knowledge of security frameworks and risk management methodologies.
• Knowledge of managed service accounts, managed service principles, and Key Vaults.
• Understanding of software development practices and secure coding techniques.
• Understanding of encryption, cryptographic principles, and security certificates.
• Excellent analytical and problem-solving abilities.
• Self-motivated, self-directed, detail-oriented, able to work independently.

Education

• Bachelors degree in computer science, Information Security, or a related field.
• Cloud security certifications for AWS, Azure, and/or M365 (e.g., AWS Certified Security Specialty, Azure Security Engineer Associate, Microsoft 365 Security Administration).
• Relevant information security qualifications like CISSP, CCSP, and CISM are preferred.