A federally regulated bank is hiring a Cloud Security Engineer to own cloud security posture across their Azure-heavy environment. This is a full-time, direct hire role, hybrid in the Philadelphia suburbs. The stack centers on Microsoft Defender for Cloud, Microsoft Purview, and Intune, with broader exposure to multi-cloud environments where relevant.
This team isn't inheriting a mature program and polishing it. They're building. The right person here has hands-on experience standing up DLP frameworks and IAM controls in Azure environments, knows how to configure Purview for sensitive data discovery and classification, and has the instinct to architect things correctly from the start. While professional experience is necessary, lab work, independent projects, and personal investment in the craft separates you from the pack and will be acknowledged. If you've built your own environments to learn and test, that's going to come through, and it matters here.
Required Skills & Experience - 4+ years of experience in cybersecurity with a focus on cloud security engineering
- Hands-on experience configuring Microsoft Purview, including DLP policy creation, sensitive data discovery, and PII classification across cloud and Microsoft 365 environments
- Experience designing and implementing IAM controls in Azure, including Conditional Access policies, Entra ID, role-based access control (RBAC), and least privilege enforcement
- Working knowledge of Microsoft Defender for Cloud and Intune for endpoint and cloud security management
- Experience with cloud security posture management (CSPM) and remediating misconfigurations
- Familiarity with cloud security log monitoring and integration with SIEM platforms (Splunk or Microsoft Sentinel)
- Ability to conduct risk assessments and vulnerability analysis across cloud-hosted infrastructure (compute, storage, containers, networking)
- Understanding of compliance frameworks relevant to financial services: NIST CSF, CIS Benchmarks, SOC 2, ISO 27001
- Comfortable working cross-functionally with IT, DevOps, and compliance teams
Desired Skills & Experience - Industry certifications: AZ-500, Security+, CISSP, or CCSP
- Experience in financial services or another heavily regulated industry
- Exposure to multi-cloud environments (AWS, Google Cloud Platform) in addition to Azure
- Familiarity with IaC scanning or DevSecOps tooling
- Track record of self-directed learning: personal lab environments, home projects, or independent cloud security builds
What You Will Be Doing Tech Breakdown
- 40% Microsoft Purview, DLP policy management, and sensitive data classification
- 25% IAM, Conditional Access, and identity governance in Azure/Entra ID
- 20% Cloud security posture management, risk assessments, and vulnerability remediation
- 10% SIEM integration and cloud log monitoring
- 5% Compliance documentation and stakeholder reporting
Daily Responsibilities
- 80% Hands On: Configuring and managing DLP controls in Purview, building and tuning Conditional Access policies, remediating cloud misconfigurations, and supporting incident response
- 20% Team Collaboration: Working with IT, DevOps, and compliance on security integration and project-based guidance
The Offer You will receive the following benefits:
- Medical, Dental, and Vision Insurance
- Vacation Time
- Potential Stock Options
Applicants must be currently authorized to work in the US on a full-time basis now and in the future.
Never miss an opportunity! Create an alert based on the job you applied for.
