[Remote] Engineer, Cloud Security
Note: This is a remote job open to candidates in the USA. Clean Power Alliance (CPA) is Southern California's locally operated not-for-profit default electricity provider, serving over three million residents and businesses. They are seeking an experienced Engineer, Cloud Security to lead cybersecurity architecture and operations, ensuring the security of CPA's Microsoft enterprise ecosystem and compliance with NIST standards.
Responsibilities
- Architect, implement, and administer enterprise security solutions across Microsoft platforms including Microsoft Entra ID, Microsoft Defender XDR, Microsoft Intune, Microsoft Sentinel, and Microsoft Purview
- Collaborate with the members of the Data and Systems team including but not limited to the Architect to define architectural standards and reference patterns that optimize security posture, scalability, and operational efficiency
- Create and maintain security architecture and design documentation
- Lead cybersecurity architecture and security design including identity governance, conditional access policies, endpoint protection, and Microsoft cloud security posture management
- Implement and tune controls to enforce least privilege, zero-trust principles, and secure device baselines across the enterprise
- Manage and coordinate the work of managed security service providers (MSP/MSSP), including vendor oversight, SLA management, and deliverable review
- Direct enterprise threat detection, incident response, vulnerability management, and security monitoring programs across the Microsoft enterprise ecosystem
- Develop detection content, response playbooks, and automation in Microsoft Sentinel and Defender to reduce mean time to detect and respond
- Lead incident documentation and reporting, including timely notification and escalation to senior leadership, and coordination of any required regulatory or contractual reporting within mandated timeframes
- Conduct post-incident reviews and track remediation to closure
- Develop and maintain cybersecurity policies, standards, and technical roadmaps, including the implementation of NIST Cybersecurity Framework adoption items
- Coordinate with audit, regulatory, and risk stakeholders to evidence control effectiveness and close identified gaps
- Serve as CPA's advisor on cybersecurity risk, Microsoft platform security capabilities, and emerging cyber threats while providing IT security support and supporting enterprise security awareness initiatives
- Partner with departments to evaluate the security implications of new tools, integrations, and business processes
- Partner with Marketing & Communications to secure CPA's public-facing web properties and customer portals, including secure configuration, vulnerability remediation, and third-party/vendor risk for externally hosted sites
- Serve as subject matter expert and primary point of contact during audits for security-related items
- Create, enhance, document, and manage continuous improvement initiatives across the security program
- Identify inefficiencies, propose solutions to senior leadership, and lead the implementation of new tools, automation, and reporting frameworks that enable the team to scale and improve various systems
- Perform other duties as assigned
Skills
- Candidates must have a bachelor's degree in information technology, computer science, information systems, cybersecurity, or a related field
- Must have a minimum of 5 years of experience in cybersecurity, cloud security, or enterprise IT security work
- Must hold at least one relevant industry cybersecurity certification (e.g., Microsoft SC-100, SC-200, SC-300, AZ-500, CISSP, CISM, or GIAC) or obtain one within 6-12 months of hire
- Maintain current, relevant security certifications and stay abreast of evolving Microsoft security platforms, threat trends, and regulatory requirements through ongoing professional development
- Proficient with Microsoft Office Suite
- Ability to act with integrity, professionalism, and confidentiality
- Ability to fully own tasks and processes with minimal oversight
- Ability to handle multiple priorities to meet deadlines and escalate key issues
- Proficient with data visualization tools and software (i.e., Tableau, Power BI)
- Strong hands-on experience administering Microsoft Entra ID, including identity governance, conditional access, and privileged identity management
- Deep expertise with Microsoft Defender XDR (Defender for Endpoint, Identity, Office 365, and Cloud) for threat detection and response
- Proven experience designing and operating Microsoft Sentinel for SIEM, including KQL, analytics rules, workbooks, and automation
- Hands-on experience with Microsoft Intune for endpoint management, configuration profiles, compliance policies, and application protection
- Working knowledge of Microsoft Purview for data classification, data loss prevention (DLP), insider risk, and information protection
- Strong understanding of cloud security posture management, including Microsoft Defender for Cloud and secure configuration baselines
- Practical experience applying the NIST Cybersecurity Framework and supporting controls aligned to NIST 800-53 or 800-171
- Experience with vulnerability management, threat intelligence, and incident response operations
- Well-versed in cloud environments, identity and access management, endpoint security, network security, best-practice security governance, data privacy regulations, and zero-trust architecture principles
- Deep understanding of the interactions between systems and how business processes are enabled and impacted by those systems
- Experience or coursework with cloud platform security services, especially Amazon Web Services; cloud-native security tooling; Windows and Linux endpoint hardening; SQL databases
- Additional certifications across these tracks are highly desired
- Experience supporting a regulated industry (energy, utilities, financial services, healthcare, or public sector) and start-up experience are highly desired
Benefits
- Health care
- A 401(k)-like match program
- Paid vacation
- Sick leave
- Hybrid option requires 2-3 assigned full-time days in the Downtown Los Angeles office and includes a transportation allowance
- Remote & Hybrid options require full-time in-person attendance at organization or team-wide events 3 times per year for 3-5 days per event
Company Overview