DLB Associates is a premier engineering and consulting firm specializing in innovative, mission-critical solutions across hyperscale data centers and advanced infrastructure. The Cloud Security Engineer is responsible for the hands-on implementation and management of security controls across Microsoft 365 and Azure environments, ensuring compliance and operational effectiveness.
Responsibilities:
- Implement and maintain security controls across Microsoft Defender, Purview, Entra ID, Intune, and Azure services
- Remediate security gaps identified through risk assessments, vulnerability scans, compliance audits, and stakeholder security reviews
- Support security operations by tuning alerts, building automation, developing runbooks, and providing Tier 2–3 incident response support
- Collaborate with the Rapid7 MDR team to ensure effective detection coverage, incident escalation, and agent health across all managed environments
- Assist in maintaining compliance with organizational security standards and applicable frameworks (NIST CSF, CIS Benchmarks, SOC 2)
- Deploy, configure, and tune Microsoft Defender for Endpoint, Identity, Office 365, and Cloud Apps across all managed tenants
- Implement and maintain endpoint hardening baselines through Intune configuration profiles, compliance policies, and security baselines
- Configure and manage Microsoft Purview controls including DLP policies, sensitivity labels, retention policies, and insider risk indicators
- Implement privileged access controls and hardened administrative workstation configurations as directed by the Information Security Manager
- Deploy and manage Azure security controls including Azure Policy, network security groups, Key Vault configurations, and Private Link implementations
- Monitor and triage security alerts from Microsoft Defender XDR and Rapid7 platforms
- Provide Tier 2–3 escalation support for security incidents, coordinating investigation and containment with internal teams and the Rapid7 MDR team
- Support Rapid7 Collector and agent deployment, maintenance, and troubleshooting across managed tenants
- Assist with vulnerability remediation efforts as needed, coordinating with the operations team on patching and hardening activities
- Build and maintain security automation using Azure Automation, Logic Apps, or Rapid7 workflows to improve detection and response efficiency
- Develop and document runbooks for common security scenarios, alert triage procedures, and incident response workflows
- Participate in post-incident reviews and implement corrective actions to prevent recurrence
- Assist the GRC function with technical evidence collection for SOC 2, NIST CSF, and other compliance initiatives
- Implement and validate technical controls mapped to compliance framework requirements
- Support internal security assessments and audits by providing technical documentation and control validation
- Maintain technical documentation for security configurations, baselines, and standard operating procedures
- Stay current on Microsoft security product updates, new capabilities, and best practices
- Evaluate and recommend improvements to existing security controls based on threat intelligence, industry developments, and lessons learned
- Provide knowledge transfer and technical guidance to operations staff on security-related procedures and best practices
- Perform other related duties as assigned
Requirements:
- Hands-on experience with Microsoft Defender suite (Endpoint, Identity, Office 365, Cloud Apps) including policy configuration, alert tuning, and incident investigation
- Experience with Entra ID (Azure AD) including Conditional Access, PIM, RBAC, and application registrations
- Experience with Microsoft Intune for endpoint management, compliance policies, and configuration profiles
- Experience with Microsoft Purview controls including DLP, sensitivity labels, and retention policies
- Experience with Azure security services including Azure Policy, network security groups, Key Vault, and Azure Monitor
- Experience with vulnerability management or MDR platforms, preferably Rapid7 InsightVM/InsightIDR, including agent deployment and scan configuration
- Demonstrated understanding of endpoint hardening principles including CIS Benchmarks and Intune security baseline implementation
- Scripting capability (PowerShell preferred) for automation and administrative tasks
- Ability to work across multiple Microsoft 365 tenants simultaneously and maintain consistent configurations
- Strong troubleshooting and analytical skills with the ability to investigate and resolve complex security issues
- Clear written and verbal communication skills, including the ability to document procedures and explain technical issues to non-technical stakeholders
- Ability to manage multiple priorities and coordinate remediation activities across teams
- Ability to work effectively both independently and as part of a small, collaborative security team
- Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or related discipline; or equivalent combination of education and experience
- 3–5 years of hands-on experience in information security, cloud security, or security engineering with a focus on Microsoft 365 and Azure environments
- Microsoft Security certifications preferred (SC-200, SC-300, SC-400, or AZ-500)