Cloud Engineer (Hybrid)
ISI · Herndon, VA · 1 mo ago
On-siteEducation$110k–$125k/yrFull-time
Key Responsibilities
- Assist in deploying and hardening Microsoft 365 tenants, including Microsoft Entra ID, Exchange Online, SharePoint, and Teams, per CMMC, NIST SP 800-171, and ISO 27001 requirements.
- Support configuration of Conditional Access policies, Microsoft Defender for Office 365/Endpoint, and Microsoft Purview for data governance and compliance.
- Help implement zero-trust architecture within M365, including identity-based access controls, multi-factor authentication, and least-privilege policies.
- Develop and support solutions for migrating customer data and on-premises servers into Microsoft 365 and Azure environments.
- Aid in migration planning, data mapping, pre-migration cleanup, and post-migration validation.
- Document migration configurations, timelines, and rollback procedures for customer environments.
- Support customer preparation for CMMC assessments by helping implement and document required security controls within M365/Azure.
- Assist with gap assessments against NIST SP 800-171 practices and translate findings into remediation tasks.
- Help maintain System Security Plans (SSPs) and Plans of Action & Milestones (POA&Ms) tied to cloud configurations.
- Support implementation and maintenance of identity solutions in Microsoft Entra ID, including hybrid identity and conditional access.
- Help troubleshoot IAM issues and validate access configurations against least-privilege standards.
- Exposure to Google Cloud Identity is a plus for engineers supporting mixed-environment customers.
- Help enforce endpoint compliance using Microsoft Intune and Microsoft Defender.
- Assist with deploying Microsoft Purview Information Protection for data classification, labeling, and retention.
- Support compliance efforts related to ITAR, DFARS, and CUI handling requirements.
- Help configure Microsoft Sentinel for threat detection and monitoring within M365/Azure environments.
- Contribute to risk assessments and threat modeling for customer cloud deployments.
- Document security configurations, migration procedures, and compliance evidence for audit readiness.
- Support cloud and M365 migration projects end-to-end, from data preparation through implementation and documentation.
- Shadow and assist with training sessions on AvePoint tools, Microsoft Power BI dashboards, and SharePoint solutions.
Requirements
- Bachelor's degree in Computer Science, Information Systems, or equivalent work/military experience.
- Minimum 3 years of experience in IT engineering, cloud computing, or Microsoft 365 administration.
- Working knowledge of Microsoft 365, Microsoft Entra ID, and Microsoft Azure.
- Familiarity with compliance standards such as NIST SP 800-171, CMMC, and DFARS.
- Understanding of basic networking principles and security concepts.
- Strong communication and documentation skills for customer-facing migration and compliance work.
- Certifications such as Microsoft 365 Certified: Administrator Expert (MS-102), Azure Administrator Associate (AZ-104), or CompTIA Security+.
- Security clearance of Secret or higher.
- Hands-on experience with Microsoft 365 tenant-to-tenant or on-prem-to-cloud migrations.
- Experience supporting CMMC or NIST SP 800-171 assessments/gap analyses.
- Experience with Microsoft Intune, Microsoft Defender, and Microsoft Purview.
- Experience with automation tools such as Autopilot, Powershell, or Bicep/Azure Resource Manager.
- Basic familiarity with Google Cloud Platform (GCP) and Google Cloud Identity is a plus.
Pay
Salary range: $110,000-$125,000, commensurate with experience.
Benefits
- Comprehensive benefits package, including PTO and flexible scheduling.
- Hybrid work opportunities.
- Mentorship and training opportunities to support professional development and career growth.