Engineer, Cloud Security
Clean Power Alliance · United States · 1 wk ago
RemoteRemoteAnalyst$159k–$238k/yrFull-time
Security Architecture & Platform Design
Architect, implement, and administer enterprise security solutions across Microsoft platforms including Microsoft Entra ID, Microsoft Defender XDR, Microsoft Intune, Microsoft Sentinel, and Microsoft Purview. Collaborate with the members of the Data and Systems team including but not limited to the Architect to define architectural standards and reference patterns that optimize security posture, scalability, and operational efficiency. Create and maintain security architecture and design documentation.
Identity & Endpoint Security
- Lead cybersecurity architecture and security design including identity governance, conditional access policies, endpoint protection, and Microsoft cloud security posture management.
- Implement and tune controls to enforce least privilege, zero-trust principles, and secure device baselines across the enterprise.
- Manage and coordinate the work of managed security service providers (MSP/MSSP), including vendor oversight, SLA management, and deliverable review.
Threat Detection & Incident Response
- Direct enterprise threat detection, incident response, vulnerability management, and security monitoring programs across the Microsoft enterprise ecosystem.
- Develop detection content, response playbooks, and automation in Microsoft Sentinel and Defender to reduce mean time to detect and respond.
- Lead incident documentation and reporting, including timely notification and escalation to senior leadership, and coordination of any required regulatory or contractual reporting within mandated timeframes.
- Conduct post-incident reviews and track remediation to closure.
Policy, Compliance & Roadmaps
- Develop and maintain cybersecurity policies, standards, and technical roadmaps, including the implementation of NIST Cybersecurity Framework adoption items.
- Cook up with audit, regulatory, and risk stakeholders to evidence control effectiveness and close identified gaps.
Advisory & Awareness
- Serve as CPA's advisor on cybersecurity risk, Microsoft platform security capabilities, and emerging cyber threats while providing IT security support and supporting enterprise security awareness initiatives.
- Partner with departments to evaluate the security implications of new tools, integrations, and business processes.
- Partner with Marketing & Communications to secure CPA's public-facing web properties and customer portals, including secure configuration, vulnerability remediation, and third-party/vendor risk for externally hosted sites.
- Serve as subject matter expert and primary point of contact during audits for security related items.
Continuous Improvement
- Create, enhance, document, and manage continuous improvement initiatives across the security program.
- Responsible for identifying inefficiencies, proposing solutions to senior leadership, and leading the implementation of new tools, automation, and reporting frameworks that enable the team to scale and improve various systems.
Qualifications
- Candidates must have a bachelor's degree in information technology, computer science, information systems, cybersecurity, or a related field.
- Must have a minimum of 5 years of experience in cybersecurity, cloud security, or enterprise IT security work.
- Must hold at least one relevant industry cybersecurity certification (e.g., Microsoft SC-100, SC-200, SC-300, AZ-500, CISSP, CISM, or GIAC) or obtain one within 6-12 months of hire.
- Maintain current, relevant security certifications and stay abreast of evolving Microsoft security platforms, threat trends, and regulatory requirements through ongoing professional development.
- Experience supporting a regulated industry (energy, utilities, financial services, healthcare, or public sector) and start-up experience is highly desired.