Cloud Security Engineer

Cloud Security Engineer

Location: Tempe, AZ (4 days onsite, one remote)

Employment Type: 6 month Contract to Hire

Work Authorization: U.S. Citizen, GC Holder Only

Engagement: W2 only (No Corp-to-Corp / No subvendors)

Position Overview

Our client in Phoenix, AZ is seeking a Cloud Security Engineer to support both project-driven security initiatives and day-to-day operational security activities within a large enterprise environment. This role is heavily focused on Azure cloud security and Microsoft-native security technologies rather than traditional infrastructure security engineering.

The ideal candidate will have hands-on experience supporting Azure security across multiple subscriptions and environments, with a strong understanding of identity and access management, cloud security governance, monitoring, and Microsoft security best practices. This role will work closely with infrastructure, security, and cloud teams to help standardize and maintain secure Azure environments across the enterprise.

Key Responsibilities

• Support enterprise Azure security initiatives across multiple Azure subscriptions and cloud environments

• Assist with standardizing and replicating Azure security configurations and controls across enterprise subscriptions following Microsoft security best practices

• Support Azure security operations, monitoring, and ongoing cloud security administration

• Review and analyze Azure event logs, alerts, and security-related activities

• Manage and support Azure firewall permissions, Network Security Groups (NSGs), and access controls

• Support Microsoft Entra ID (Azure AD) administration and identity security initiatives

• Assist with Conditional Access, Multi-Factor Authentication (MFA), Privileged Identity Management (PIM), Identity Protection, and RBAC initiatives

• Support threat investigation and remediation efforts using Microsoft-native security platforms including Microsoft Defender and Microsoft Sentinel

• Utilize KQL for reviewing and analyzing security-related queries and event data

• Collaborate with IT and security teams to improve enterprise cloud security posture and operational processes

• Support operational ticket-based security work as well as project-based cloud security initiatives

Required Experience & Qualifications

• Strong hands-on experience with Azure cloud security and Microsoft-native security technologies

• Experience supporting Azure environments across multiple subscriptions and enterprise cloud environments

• Experience with Microsoft Entra ID (Azure AD), Conditional Access, MFA, PIM, Identity Protection, and RBAC

• Experience managing Azure Network Security Groups (NSGs), firewall permissions, and cloud access controls

• Familiarity with Microsoft Defender and Microsoft Sentinel security operations

• Experience reviewing and analyzing Azure event logs and security alerts

• Familiarity with KQL for reading and analyzing security queries and logs

• Experience supporting operational security initiatives in fast-paced enterprise environments

• Strong communication, troubleshooting, and collaboration skills

Preferred Experience

• Experience with EDR/XDR platforms such as SentinelOne

• Experience with Office 365 security, DLP, or Proofpoint

• Experience with scripting or automation using PowerShell or Python

• Knowledge of security frameworks such as NIST, ISO 27001, or CMMC

• Relevant certifications such as CISSP, CISM, Azure Security Engineer, or similar