Systems Engineer

Systems Engineer

Location: Baltimore, MD (Hybrid)

Duration: 12+ Months

Requirements: 3+ years of experience in cloud security engineering and IAM admin/engineering, experience with Microsoft Sentinel, IAM platforms, Microsoft Azure, PowerShell, Google Cloud, and incident response.

Preferred: Automation experience for IAM and SEIM onboarding, knowledge of compliance frameworks such as NIST, and relevant certifications

Job Description

We are looking for a Systems Engineer to strengthen the hybrid cloud security posture across Active Directory, Microsoft Azure AD, and Google Cloud Platform, while advancing the Identity and Access Management program.

What You'll Do

• Conduct daily account provisioning audits and corrections between all tenants using tools like LDAP, PowerShell, and Microsoft Graph
• Perform regular cloud and IAM security assessments, ensuring compliance with industry standards and organizational policies
• Improve and maintain security configurations, policies, and controls in a hybrid Microsoft environment, including on-prem Active Directory, Azure, and Google Cloud environments
• Enhance IAM capabilities, including user lifecycle management, role-based access control, privileged access management, and conditional access policies across cloud and enterprise systems
• Collaborate with security technicians to onboard and integrate cloud and third-party security products into Microsoft Sentinel
• Develop and refine analytic rules, playbooks, and dashboards within Microsoft Sentinel to support threat detection and response
• Assist in incident investigations by optimizing logging, monitoring, and reporting from cloud services and IAM systems
• Provide guidance to technicians on IAM best practices, security governance, and SIEM operations

What You'll Need

Required:

• 3+ years of experience in cloud security engineering and/or IAM administration/engineering
• Hands-on expertise with Active Directory, Microsoft Graph, PowerShell, LDAP tools, Microsoft Azure Security (Entra ID, Defender for Cloud, conditional access, PIM), and Google Cloud IAM/security tools
• Experience with Microsoft Sentinel, including setup, log ingestion, and use-case development
• Strong background in IAM platforms, solutions, or technologies (e.g., Azure Entra ID, Active Directory, Google Admin Console)
• Familiarity with onboarding connectors, custom log sources, and security product integrations into SIEM platforms
• Solid understanding of incident response, threat detection, and security monitoring

Preferred:

• Scripting/automation experience (e.g., PowerShell, Python) for IAM administration and SIEM onboarding
• Knowledge of compliance frameworks such as NIST CSF, CIS Controls, or ISO 27001
• Strong communication skills to collaborate with technicians, analysts, and leadership
• Relevant certifications (e.g., Azure Security Engineer Associate, Google Professional Cloud Security Engineer, Security+, MCSA) are a plus

Physical Demands

• Ability to safely and successfully perform the essential job functions consistent with the ADA and other federal, state, and local standards
• Sedentary work that involves sitting or remaining stationary most of the time, with occasional need to move around for meetings or troubleshooting tasks
• Ability to conduct repetitive tasks on a computer, utilizing a mouse, keyboard, and monitor