Cloud Security Engineer

RESPONSIBILITIES:
Kforce has a client in McKinney, TX that is seeking a Cloud Security Engineer with deep expertise in Microsoft Azure to design, implement, and operate security controls across a cloud-first enterprise environment.

Summary:
This is a hands-on engineering role focused on securing Azure infrastructure, identity, data, and cloud workloads while partnering closely with Cloud Engineering, Identity, and Cyber Operations teams. The ideal candidate has strong experience securing Azure services and applying Zero Trust principles across identity, networking, and access controls. The Cloud Security Engineer will be responsible for implementing Azure-native security services, monitoring cloud security posture, responding to incidents, and embedding security into cloud architectures and deployment pipelines. This role offers a hybrid work environment after initial ramp-up and the opportunity to contribute to large-scale, enterprise cloud security initiatives.

Key Responsibilities include:
* Designing and implementing security controls across Azure compute, storage, networking, and PaaS services
* Securing Azure landing zones using best practices and Zero Trust principles
* Implementing and operating Azure security services such as Defender for Cloud, Conditional Access, and Key Vault
* Monitoring and responding to cloud security alerts and incidents
* Implementing strong identity and access controls using Microsoft Entra ID, RBAC, and PIM
* Improving cloud security posture and remediating misconfigurations and vulnerabilities
* Integrating security into CI/CD pipelines and Infrastructure-as-Code deployments
* Automating security controls and validation using scripting and Azure-native tools

REQUIREMENTS:
* 5+ years of experience in cloud security, cloud engineering, or a related infrastructure security role
* Strong hands-on experience securing Microsoft Azure environments (Azure-first role)
* Proven experience implementing and operating:
* Solid understanding of Azure networking concepts including VNets, NSGs, Private Endpoints, and firewalls
* Experience integrating cloud logs and alerts with SIEM/SOAR platforms
* Hands-on experience with Infrastructure-as-Code and automation
* Strong understanding of Zero Trust security principles
* Ability to work in a hybrid onsite environment

Experience with:
* Microsoft Defender for Cloud (Azure Security Center)
* Microsoft Entra ID (Azure AD), including Conditional Access
* Role-Based Access Control (RBAC), Privileged Identity Management (PIM), and least-privilege access models

Preferred/Nice-to-Have Experience:
* Experience with CNAPP platforms (e.g., Wiz, Prisma Cloud, CrowdStrike CNAPP)
* Familiarity with SaaS security monitoring and API-based integrations
* Experience with secure access solutions such as Zscaler (ZIA/ZPA) or similar technologies
* Experience securing hybrid environments (Azure + on-prem)

Relevant certifications such as:
* AZ-500 (Azure Security Engineer Associate)
* CISSP, CCSP, or equivalent security certifications

The pay range is the lowest to highest compensation we reasonably in good faith believe we would pay at posting for this role. We may ultimately pay more or less than this range. Employee pay is based on factors like relevant education, qualifications, certifications, experience, skills, seniority, location, performance, union contract and business needs. This range may be modified in the future.

We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.

Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless and until paid and may be modified in its discretion consistent with the law.

This job is not eligible for bonuses, incentives or commissions.

Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

By clicking ?Apply Today? you agree to receive calls, AI-generated calls, text messages or emails from Kforce and its affiliates, and service providers. Note that if you choose to communicate with Kforce via text messaging the frequency may vary, and message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You will always have the right to cease communicating via text by using key words such as STOP.