Position: Microsoft Cloud Engineer
Openings: 1
Location: in VA- may need to go onsite occasionally
Start Date: 3/16
We are seeking a senior-level Microsoft Cloud & Security Engineer to design, implement, and secure enterprise Azure and Microsoft 365 environments. This role partners closely with Infrastructure and Security teams.
Key Responsibilities:
- Design and manage enterprise infrastructure in Microsoft Azure (subscriptions, resource groups, RBAC, networking, storage, cost governance)
- Implement and secure identity solutions using Microsoft Entra ID (Conditional Access, MFA, PIM, SSO, SAML, federation)
- Deploy and manage Microsoft security tooling including:
- Microsoft Defender for Endpoint
- Microsoft Defender for Cloud
- Microsoft Sentinel
- Configure and secure Microsoft 365 workloads (Exchange, Teams, SharePoint, OneDrive)
- Implement data governance using Microsoft Purview (DLP, retention, sensitivity labels, eDiscovery)
- Configure hybrid connectivity (VNets, private endpoints, ExpressRoute, DNS, firewall rules)
- Automate deployments and administration using PowerShell and infrastructure-as-code tools
- Apply security hardening standards (CIS Benchmarks, Secure Score, compliance frameworks)
- Support Azure virtual machines, Azure Policy, Azure Arc, and configuration management
Hard Requirements (Must Have)
5+ years of hands-on Azure infrastructure experience
Proven experience managing enterprise Azure subscriptions and networking
Strong hands-on experience with Entra ID (Conditional Access, MFA, RBAC, PIM)
Experience implementing Defender for Endpoint and Defender for Cloud
Experience with Microsoft 365 security and compliance (DLP, retention, audit logs)
Experience integrating on-prem and cloud environments (hybrid identity and networking)
PowerShell scripting experience with real-world automation examples
Nice to Have
Microsoft Sentinel (SIEM) implementation experience
Microsoft Fabric or Power BI governance exposure
Azure Policy or Desired State Configuration (DSC)
Azure Arc
