Senior Security Engineer

Role Summary

Senior IT Security Engineer on the Cloud Security team responsible for leading the design and implementation of enterprise-grade security solutions for cloud environments (Azure, AWS, Microsoft 365). Requires extensive cloud security experience and collaboration with security architects and cross-functional partners to embed security throughout cloud infrastructure and services.

Responsibilities

• Lead the design, development, and implementation of scalable, cloud-native security architectures across Azure, AWS, and Microsoft 365.
• Partner with engineering, product management, and infrastructure teams to embed security into the development lifecycle and IT operations.
• Evaluate enterprise applications, review security settings, and ensure deployments adhere to policies and best practices.
• Define, document, and maintain security standards, guidelines, and best practices.
• Drive evaluation, implementation, and optimization of security technologies (Azure Security Center, AWS Security Hub, Intune, Microsoft Defender, Endpoint Protection, Entra ID, Conditional Access).
• Architect and implement BYOD security strategies and device control frameworks using MDM/MAM, conditional access, and identity-based policies.
• Apply Zero Trust principles to enterprise environments with identity-driven security, continuous verification, and least-privilege access models.
• Conduct security risk assessments and ensure regulatory and internal policy compliance.
• Collaborate with cross-functional teams to strengthen controls across platforms and enterprise applications.
• Use metrics and data analysis to drive risk-informed decisions and communicate insights to senior leadership.
• Participate in security incident response and investigations, providing architecture-level expertise.
• Support security awareness training and promote security best practices across the business.
• Assist in build-buy-partner decisions for security technologies with Security Operations and procurement teams.
• Gather and prioritize business and technical requirements to align security solutions with organizational goals.

Qualifications

• 5+ years of experience in information security focusing on cybersecurity architecture and design.
• Hands-on experience identifying, deploying, and configuring security technologies.
• Knowledge of encryption, authentication (SSO, MFA, Managed Identities, service principals, app registrations, conditional access design), access control (RBAC, ABAC), and network security.
• Experience with cloud security technologies (Entra, Intune, Conditional Access, Endpoint Protection, Defender, MDM, MAM, EOP, SSO).
• Ability to design and implement controls for secure BYOD access using Intune, Conditional Access, and Entra ID.
• Experience leading complex security projects from concept to completion.
• Strong communication skills for technical and non-technical audiences.
• Up-to-date knowledge of cloud security landscape and emerging solutions.
• Experience troubleshooting and resolving security technology issues across systems and applications.
• Ability to quickly learn and adapt to new technologies while upholding security principles.
• Experience working with cross-functional teams and driving initiatives to completion.
• Understanding of Enterprise Architecture and the role of security within it.
• Proficiency in PowerShell scripting, automation, SQL, and related tools.
• Knowledge of security frameworks and risk management methodologies.
• Knowledge of managed service accounts, managed service principles, and Key Vaults.
• Understanding of secure software development practices, encryption, cryptography, and certificates.
• Strong analytical and problem-solving abilities; self-motivated and able to work independently.

Education

• Bachelor's degree in computer science, Information Security, or a related field.
• Cloud security certifications for AWS, Azure, and/or M365 (e.g., AWS Certified Security Specialty, Azure Security Engineer Associate, Microsoft 365 Security Administration).
• Preferred: CISSP, CCSP, CISM.

Additional Requirements

• Note: Salary information and benefits are not included here as per content guidelines.