Senior Cloud Security Engineer

Calibro Corporation
Raleigh, United States of America
15 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 140K

Job location

Raleigh, United States of America

Tech stack

Microsoft Windows
Azure
Software as a Service
Cloud Computing
Cloud Computing Security
Computer Security
Computer Networks
Domainkeys Identified Mail
Domain-Based Message Authentication Reporting and Conformance (DMARC)
Multi-Factor Authentication
Identity and Access Management
Virtual Private Networks (VPN)
Network Security
Role-Based Access Control
Azure
Cloud Services
Zero Trust Network Access
SharePoint
Security Information and Event Management
Software Vulnerability Management
Cloud Platform System
Infrastructure as Code (IaC)
Microsoft InTune
Sender Policy Framework (SPF)
SentinelOne Expertise
Qualys

Job description

A hands-on technical leader embedded within the Infrastructure team, responsible for securing enterprise systems across cloud, identity, endpoints, and network environments., This role serves as the primary security engineering resource supporting Microsoft Azure, identity services (Entra ID), Microsoft 365, and enterprise infrastructure, combining architecture, engineering, and operational responsibilities. The engineer will design and implement security controls, respond to threats, and partner with infrastructure peers to ensure systems are secure, resilient, and aligned with business and compliance requirements., Cloud & Infrastructure Security Engineering

  • Design, implement, and maintain secure Microsoft Azure environments across IaaS and PaaS workloads
  • Configure and manage Azure-native security controls, including identity integration (Entra ID), network security, and platform security baselines
  • Implement Azure governance using policies, RBAC, and resource organization strategies
  • Design and support secure networking configurations (VNets, NSGs, Private Endpoints, VPN)
  • Partner with infrastructure engineers to ensure servers, endpoints, and network components are securely configured
  • Support cloud and hybrid infrastructure initiatives with security-first design principles
  • Implement Infrastructure as Code (IaC) for secure and repeatable deployments

Identity & Microsoft 365 Security

  • Secure identity using Microsoft Entra ID, including Conditional Access, MFA, and access governance
  • Implement and maintain security controls across Microsoft 365 (Exchange Online, SharePoint, Teams, OneDrive)
  • Manage email security practices, including SPF, DKIM, DMARC, and secure email gateways
  • Support endpoint and device security integration using Microsoft Intune and related technologies
  • Enable secure collaboration while balancing usability and risk

Security Operations & Incident Response

  • Owns endpoint and vulnerability security tooling, including EDR and vulnerability management platforms (e.g., SentinelOne, Qualys VMDR)
  • Monitor, investigate, and respond to security events and alerts across cloud and on-prem environments including EDR platform (e.g., SentinelOne)
  • Partner with internal teams and external providers (e.g., SIEM/SOC) to respond to detected threats
  • Identify, prioritize, and drive remediation of vulnerabilities across cloud, infrastructure, and endpoint environments using vulnerability management platforms (e.g., Qualys VMDR)
  • Participate in incident response, root cause analysis, and post-incident improvements
  • Continuously improve detection, response, and operational security capabilities

Governance, Compliance & Risk Management

  • Implement and maintain security controls aligned with CIS, NIST, and Zero Trust frameworks
  • Support third-party risk management activities using SaaS platforms (e.g., UpGuard), including vendor risk assessments, exposure identification and remediation coordination
  • Lead the development, implementation, and ongoing maintenance of enterprise security baselines aligned to CIS Critical Security Controls, ensuring consistent enforcement across cloud, endpoint, and infrastructure platforms
  • Support compliance initiatives (e.g., PCI or similar regulatory requirements)
  • Perform risk assessments and recommend mitigation strategies
  • Ensure consistent application of security standards across all infrastructure platforms

Collaboration & Leadership

  • Serve as the security subject matter expert within the Infrastructure team
  • Provide mentorship and guidance to network and endpoint engineering peers
  • Collaborate with vendors, partners, and service providers for security solutions and support
  • Communicate risks, issues, and recommendations clearly to both technical and business stakeholders
  • Identify opportunities to improve processes, tooling, and overall security posture

Requirements

  • Broad, hands-on expertise across cloud, identity, endpoint, and network security
  • Ability to balance operational responsibilities with long-term security improvements
  • Strong collaboration across infrastructure disciplines (network, endpoint, cloud)
  • Ability to translate business requirements into practical, secure solutions

Apply for this position