Cloud Security Engineer

Role: Sr. Cloud Security Engineer

Location: Reston, VA (5 days onsite)

Duration: Direct Hire

Citizenship: TS/SCI with Full Scope Polygraph

Top Skills:

• Cloud Adoption Framework
• Zero Trust
• KQL

Role and Responsibilities:

• Architect, deploy, and sustain cloud security solutions aligned with the Microsoft Cloud Adoption Framework (CAF), Zero Trust, and TIC 3.0 security principles.
• Configure, manage, and optimize Microsoft Sentinel for enterprise-wide security operations, including incident detection, investigation, and response.
• Implement and maintain Azure Monitoring solutions, enabling proactive identification of performance, security, and compliance risks.
• Detect, analyze, and investigate threats across cloud and hybrid environments; support incident triage and response activities.
• Develop custom KQL (Kusto Query Language) queries to create reports, dashboards, and alerts that enhance visibility into security posture.
• Collaborate with cross-functional IT, DevSecOps, and mission teams to strengthen security monitoring and governance.
• Document cloud security architectures, standard operating procedures, detection use cases, and runbooks.
• Provide subject matter expertise in advanced cloud security features (e.g., Defender for Cloud, Entra ID Conditional Access, Identity Protection) to elevate enterprise resilience.

Required Skills

• An active TS/SCI with polygraph.
• Minimum of five (5) years of Tier II or three (3) years of Tier III cloud security or cybersecurity operations experience.
• Proven ability to design, deploy, and sustain enterprise cloud security solutions in Azure environments.
• Expertise with Microsoft Sentinel, Azure Monitoring, and security threat detection/analysis.
• Strong knowledge of KQL to develop security reports, dashboards, and detection rules.
• Solid understanding of Zero Trust security concepts, cloud security baselines, and federal cybersecurity compliance requirements.
• Strong troubleshooting, diagnostic, and investigative skills across security monitoring platforms.
• Excellent communication and documentation skills.

Preferred Skills

• Microsoft Identity and Access Administrator Associa Microsoft Security Operations Analyst (SC-200), Azure Security Engineer (AZ-500), or equivalent certifications.
• Experience with Microsoft Defender for Cloud, Microsoft Entra Identity Protection, and enhanced security features.
• Familiarity with security automation and orchestration (SOAR) workflows in Sentinel.
• Experience supporting large-scale federal security operations centers (SOCs) or cybersecurity modernization initiatives.te or Azure Security Engineer certifications.
• Experience with Microsoft Entra Permissions Management, Privileged Identity Management (PIM), and Identity Governance.
• Knowledge of integrating IAM with Power Platform and enterprise applications.
• Familiarity with AOAI embedded features and Copilot capabilities for identity workflows.
• Experience with large-scale enterprise migrations involving IAM modernization.