Constructive Partnerships Unlimited is a leading nonprofit organization dedicated to supporting individuals with intellectual and developmental disabilities. They are seeking an experienced Cloud & Security Engineer to join their enterprise technology team, supporting the organization's cloud-first strategy and ensuring the security and reliability of their Microsoft 365 environment and cloud infrastructure.
Responsibilities:
- Administer and support Microsoft 365 services including Exchange Online, SharePoint Online, OneDrive, Teams, Teams Phone, and related collaboration and productivity platforms
- Support Microsoft Entra ID including conditional access, phishing resistant authentication, role-based access control, identity governance, privileged access controls, and lifecycle access processes
- Support Microsoft Intune for device enrollment, compliance policies, endpoint security, application deployment, device configuration, and mobile device management
- Support Microsoft Purview capabilities including data loss prevention, sensitivity labels, retention policies, information protection, and related governance controls
- Administer SaaS application access and governance controls across the Microsoft cloud identity stack, including enterprise applications, service principles, API permissions and secure integrations
- Troubleshoot user access, licensing, endpoint compliance, secure application integrations, and cloud service issues across Microsoft 365 and related SaaS platforms
- Stay current with Microsoft 365 releases, platform enhancements, and security features to support continuous improvement, dynamic learning, and adoption of new technologies
- Create and maintain standards, procedures, knowledge articles, and support documentation for Microsoft 365 administration and secure service delivery
- Support secure adoption of Microsoft Copilot and other AI enabled platforms through access reviews, configuration support, documentation, and stakeholder coordination
- Assist with governance of AI related services, connectors, plugins, automation tools, and integrations to reduce data exposure and unauthorized access risks
- Support data protection controls related to AI and collaboration platforms, including retention, labeling, secure sharing, and DLP considerations
- Partner with business and technology teams to evaluate new cloud, collaboration, automation, and security technologies and document operational, technical, and support requirements
- Develop technical and user facing documentation, standards, and knowledge articles for emerging technologies and new platform capabilities
- Help communicate new feature readiness, support needs, risk considerations, and rollout requirements to both technical and non-technical stakeholders
- Stay current on Microsoft roadmap updates, AI related platform changes, automation trends, and evolving security capabilities to support responsible innovation and continuous improvement
- Support Azure cloud infrastructure including subscriptions, resource groups, virtual networks, storage, monitoring, policies and governance controls
- Assist with cloud security administration and governance standards to protect identities, data, devices, workloads, and services
- Support access reviews, privileged access controls, secure configuration baselines, policy enforcement, and least privilege practices across Azure and connected SaaS platforms
- Assist with Azure Policy administration, secure score improvement initiatives, and configuration review activities to strengthen cloud governance and reduce risk
- Support application integrations, service accounts, managed identities, API permissions, and secure access requirements across Microsoft 365, Azure, and SaaS environments
- Assist with planning, testing, deployment, and post implementation validation for new cloud services, platform updates, and modernization initiatives
- Contribute to automation, standardization, and process improvement efforts that strengthen efficiency, reliability, resilience, and operational maturity
- Assist with backup, recovery, business continuity, and service restoration support for cloud platforms and related services
- Monitor, investigate, and respond to alerts and incidents across Microsoft Defender and other security platforms
- Support Defender capabilities including Endpoint, O365, Identity, Cloud, Servers, IoT and related device security controls
- Assist with SIEM monitoring, log analysis, threat detection, alert triage, remediation tracking, recovery activities, and root cause analysis
- Participate in incident triage, containment, escalation, remediation, recovery, and post incident review activities across cloud, identity, endpoint, collaboration, and SaaS environments
- Support vulnerability management processes including review of scan results, remediation prioritization, aging risk review, exception tracking, and control validation
- Support endpoint and server security administration, patching, compliance monitoring, hardening, and configuration management
- Help maintain security controls aligned to NIST hardening standards, cloud security benchmarks, and organizational security requirements
- Review and remediate risks related to identity, endpoint, server, SaaS, AI, and cloud security posture
- Participate in security exercises, preparedness activities, and continuous improvement of incident response procedures, playbooks, and runbooks
- Troubleshoot connectivity issues across cloud connected and on premises & cloud environments, including VLANs, switch ports, DNS, DHCP, gateways, and routing
- Support secure network access for users, devices, servers, and cloud services with identity aware access controls and conditional access dependencies
- Work with network and security platforms such as Cisco Meraki and related monitoring tools to validate connectivity, review traffic patterns, and investigate security related events
- Partner with infrastructure and security teams during changes, cutovers, and incident response activities to confirm connectivity, validate policy enforcement, and reduce service disruption
- Document troubleshooting steps, findings, remediation actions, and support considerations to strengthen operational standards and knowledge sharing
- Monitor cloud service health, administrative activity, security alerts, and operational performance across Microsoft 365, Azure, identity, endpoint, and security platforms
- Maintain accurate technical documentation including support procedures, architecture references, configuration standards, security baselines, incident response records, and control evidence
- Support documentation and operational practices aligned with NIST and Cybersecurity Framework security controls, best practices, and internal audit requirements
- Prepare reports and recommendations related to service health, control effectiveness, risk reduction, remediation status, and platform improvement opportunities
- Support audit readiness and compliance efforts through clear documentation of controls, configurations, exceptions, remediation activities, and policy adherence
- Contribute to knowledge sharing, cross training, and continuous improvement across the technology team
Requirements:
- Minimum 3 to 5 years of experience supporting cloud infrastructure, security operations, or a similar enterprise cloud environment
- Experience with Microsoft 365, Teams, Exchange Online, SharePoint Online, OneDrive, and Entra ID
- Experience with Microsoft Intune, conditional access, endpoint compliance, and device management
- Experience with Microsoft Defender security tools and security monitoring, investigation, and response processes
- Experience with Azure administration, cloud governance, and secure access management in enterprise environments
- Experience with scripting or automation using PowerShell, Microsoft Graph, Logic Apps, or similar tools
- Familiarity with Microsoft Purview, data protection, retention, DLP, or information governance controls
- Familiarity with Teams Phone, VoIP concepts, and collaboration platform support
- Strong interpersonal skills with the ability to communicate clearly and professionally with staff, vendors, leadership, and technical teams at all levels
- Strong problem solving skills with the ability to manage priorities, adapt to change, and support a fast moving cloud environment
- Ability to work independently in a remote role while collaborating effectively across distributed teams in the United States
- Ability to create clear technical documentation, standards, procedures, and user guidance
- Ability to communicate technical concepts, risks, and change impacts clearly to both technical and non-technical audiences
- Experience supporting vulnerability management, configuration baselines, remediation tracking, and audit support is preferred
- Familiarity with Microsoft Copilot, AI governance concepts, and secure adoption practices for AI enabled platforms is strongly preferred