Senior Security Engineer

Role Summary

Senior IT Security Engineer on the Cloud Security team responsible for leading the design and implementation of enterprise-grade security solutions tailored to cloud environments such as Azure, AWS, and Microsoft 365. The role requires extensive experience securing cloud platforms and services, deep knowledge of cloud-native security tools, identity models, and architectural patterns, with collaboration across security architects and cross-functional partners to embed security across cloud infrastructure, enterprise applications, and services.

Responsibilities

• Lead the design, development, and implementation of scalable, cloud-native security architectures for new and existing products and services across platforms such as Azure, AWS, and Microsoft 365.
• Partner with engineering, product management, and infrastructure teams to embed security into the development lifecycle and IT operations, ensuring alignment with enterprise risk posture.
• Evaluate enterprise business applications, review security settings, and ensure deployments adhere to company policies and best practices.
• Define, document, and maintain security standards, guidelines, and best practices to support consistent and effective implementation across the organization.
• Drive the evaluation, implementation, and optimization of security technologies, including Azure Security Center, AWS Security Hub, Intune, Microsoft Defender, Endpoint Protection, Entra ID, and Conditional Access.
• Architect and implement robust BYOD security strategies and device control frameworks using MDM/MAM solutions, conditional access, and identity-based policies to secure personal, corporate-issued, and contractor devices.
• Apply Zero Trust principles to enterprise environments through identity-driven security, continuous verification, and least-privilege access models.
• Conduct security risk assessments and ensure compliance with relevant regulations and internal policies.
• Collaborate with cross-functional teams to review and strengthen controls across platforms such as Azure, AWS, Microsoft 365 and Enterprise applications.
• Use metrics and data analysis to drive risk-informed decision-making and communicate insights effectively to senior leadership.
• Participate in security incident response and investigations, offering architecture-level expertise to support containment and resolution efforts.
• Champion a culture of security awareness by supporting training initiatives and advocating for security best practices across the business.
• Assist in build-buy-partner decisions for security technologies and toolsets, in collaboration with Security Operations and procurement teams.
• Gather and prioritize business and technical requirements to align security solutions with organizational goals and operational needs.

Qualifications

• 5+ years of experience in information security with a focus on cyber security architecture and design.
• Hands on experience identifying, deploying, and configuring security technologies.
• Extensive knowledge of security principles, protocols, and technologies, including encryption, authentication (SSO, MFA, Managed Identities, service principal, App registrations, and conditional access design), access control (RBAC, ABAC) and network security.
• Experience with cloud security technologies such as Entra, Intune, Conditional Access, Endpoint Protection, Defender, MDM, MAM, EOP, SSO.
• Proven ability to design and implement controls for secure access to corporate applications and data from BYOD platforms, leveraging tools such as Intune, Conditional Access, and Entra ID.
• Proven ability to lead and manage complex security projects from concept to completion.
• Excellent communication skills, with the ability to convey complex security concepts to both technical and non-technical stakeholders.
• Up to date with the cloud security technology landscape, including new solutions, improved security processes, and developments.
• Demonstrated experience in leading troubleshooting, managing, and resolving issues related to security technologies, systems, access, and applications.
• Proven ability to quickly learn and adapt to new technologies while adhering to security principles.
• Experienced in working with cross-functional teams, leading projects, and driving technological initiatives to completion.
• Good understanding of Enterprise Architecture and the role of security within it.
• Proficient in PowerShell scripting, automation, SQL, and other relevant tools and techniques used by applications and teams.
• Strong knowledge of security frameworks and methodologies for risk management.
• Knowledge about managed service accounts, managed service principles, and Key Vaults.
• Understanding of software development practices and secure coding techniques.
• Understanding of encryption, cryptographic principles, and security certificates.
• Excellent analytical and problem-solving abilities.
• Self-motivated, self-directed, detail-oriented, and capable of working independently.

Education

• Bachelors degree in computer science, Information Security, or a related field.
• Cloud security certifications for AWS (AWS Certified Security Specialty), Azure (Azure Security Engineer Associate), and/or M365 (Microsoft 365 Security Administration).
• Relevant information security qualifications like CISSP, CCSP, and CISM are preferred.