Cloud Support Engineer

• Operate and optimize cloud infrastructure in accordance with FedRAMP High controls, including monitoring, incident response, configuration management, backups, and patching to maintain continuous compliance.
• Support privacy impact activities and ensure data flows adhere to BNY's data handling and protection standards within approved Azure boundaries.
• Manage identity, access, and authorization mechanisms such as Microsoft Entra ID (Azure AD), Active Directory, MFA, role-based access control, and Just-in-Time access to enforce least privilege and maintain access hygiene.
• Monitor Azure logs and alerts, triage and escalate incidents, participate in incident response testing and post-incident reviews, and enable relevant Azure security services.
• Coordinate oversight of third-party service providers interacting with BNY data or services, ensuring compliance with policies and supporting independent reviews.
• Define and enforce acceptable use restrictions for mobile code and communications technologies, and maintain clear, concise documentation and cross-team coordination.

• Bachelor's degree in Computer Science, Information Technology, or a related field. - Professional certifications in relevant technologies or infrastructure management are preferred. EXPERIENCE: Typically 6-10 years of experience.
• Proven experience managing and securing FedRAMP High compliant environments, with strong hands-on skills in Azure identity, access, logging, incident handling, and configuration management.
• Expertise in Microsoft Entra ID/Azure AD, Active Directory, MFA (security keys/smartcards), Just-in-Time access, RBAC, and AAA concepts.
• Experience with Azure security alerts, audit log review, log analytics, alert triage, and incident response practices.
• Ability to build and maintain data and asset inventories, implement and track baseline configurations, and protect configuration plans.
• Strong technical writing and coordination skills to produce clear oversight documentation, runbooks, and reports.
• Experience collaborating with security, engineering, compliance, and vendor teams to drive outcomes in production environments.

Preferred qualifications include hands-on experience operating Azure in enterprise or regulated environments, familiarity with security control frameworks and continuous monitoring, experience with Microsoft Defender for Cloud or similar tools, and knowledge of least-privilege design patterns and privileged access management.

BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay-for-performance philosophy. We provide access to flexible global resources and tools for your life's journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter.

At BNY, our culture allows us to run our company better and enables employees' growth and success. As a leading global financial services company at the heart of the global financial system, we influence nearly 20% of the world's investible assets. Every day, our teams harness cutting-edge AI and breakthrough technologies to collaborate with clients, driving transformative solutions that redefine industries and uplift communities worldwide. Recognized as a top destination for innovators, BNY is where bold ideas meet advanced technology and exceptional talent. Together, we power the future of finance - and this is what #LifeAtBNY is all about. Join us and be part of something extraordinary., At BNY, our culture speaks for itself, check out the latest BNY news at: BNY Newsroom BNY LinkedIn Here's a few of our recent awards: America's Most Innovative Companies, Fortune, 2025 World's Most Admired Companies, Fortune 2025 "Most Just Companies", Just Capital and CNBC, 2025