Overview
We are seeking a skilled Systems Engineer to strengthen our hybrid cloud security posture across Active Directory, Microsoft Azure AD, and Google Cloud Platform (GCP), while advancing our Identity and Access Management (IAM) program. This role will collaborate closely with security technicians to improve cloud security controls, streamline monitoring, and migrate existing security products and log sources into Microsoft Sentinel SIEM for centralized visibility and response.
- Perform daily account provisioning audits and corrections across all tenants.
- Work with LDAP, PowerShell, and Microsoft Graph for identity administration and automation.
- Conduct regular cloud and IAM security assessments to ensure compliance with industry standards and organizational policies.
- Improve and maintain security configurations, policies, and controls in hybrid Microsoft environments (On-prem Active Directory, Azure, GCP).
- Enhance IAM capabilities including user lifecycle management, RBAC, PAM, and conditional access policies across enterprise systems.
- Collaborate with security teams to onboard and integrate cloud and third-party security products into Microsoft Sentinel.
- Develop and refine analytic rules, playbooks, and dashboards within Sentinel to support threat detection and response.
- Assist in incident investigations through optimized logging, monitoring, and reporting.
- Provide guidance on IAM best practices, security governance, and SIEM operations.

- 3+ years of experience in cloud security engineering and/or IAM administration/engineering.
- Hands-on expertise with AD, Microsoft Graph, PowerShell, LDAP, Microsoft Azure Security (Entra ID, Defender for Cloud, Conditional Access, PIM), and Google Cloud IAM/security tools.
- Experience with Microsoft Sentinel setup, log ingestion, and use-case development.
- Strong background in IAM platforms and technologies (Azure Entra ID, Active Directory, Google Admin Console).
- Familiarity with onboarding connectors, custom log sources, and integrating security products into SIEM platforms.
- Solid understanding of incident response, threat detection, and security monitoring.
- Relevant certifications (e.g., Azure Security Engineer Associate, Google Professional Cloud Security Engineer, Security+, MCSA, identity-focused certifications) preferred.

- Scripting/automation (PowerShell, Python, or similar) for IAM administration and SIEM onboarding.
- Knowledge of compliance frameworks (NIST CSF, CIS Controls, ISO 27001).
- Strong communication skills to collaborate across technical teams and leadership.