We are looking for a Cloud Security Engineer to lead, implement, and support security architecture across Microsoft 365 and multi-cloud environments (Azure, AWS, GCP). This role focuses on Zero Trust implementations, security automation, and end-to-end protection of digital platforms.

Key Responsibilities:

• Lead security design and hardening for Azure, AWS, and GCP platforms.
• Secure Microsoft 365 services: Azure AD, Defender, Intune, Exchange Online Protection, DLP, Sensitivity Labels, Compliance & Security Center.
• Implement Zero Trust architecture: SSO, Conditional Access (OAuth/SAML), MFA, least privilege, device validation.
• Design/maintain Active Directory and Azure AD (domains, OUs, GPOs, DNS).
• Implement and manage SIEM/SOAR tools like Azure Sentinel.
• Apply security controls to networks, endpoints, and cloud infrastructure.
• Automate security operations using PowerShell and scripting tools.
• Deliver L2/L3 support and participate in Office 365 security strategy.
• Monitor roadmap changes, releases, and ensure up-to-date configurations.
• Prepare change requests, manage implementations in all environments.
• Develop and update detailed documentation (runbooks, plans, configs).

Technical Expertise:

• Deep Microsoft 365 and Azure knowledge (Security, Compliance, Intune, Exchange, SharePoint, OneDrive).
• Expertise in IAM, PAM, MFA, DLP, encryption, HSM, PKI (internal/external), ATP, CASB, DNS, and AD Federation Services.
• Strong knowledge of end-point, email, and host security controls.
• Familiarity with Microsoft security tools (Cloud App Security, Compliance Center, Key Vault, DDoS Protection, ExpressRoute).
• Configuration management, automation, and monitoring tools.
• Infrastructure as Code and cloud-native security features.

Required Skills & Experience:

• 6+ years of hands-on experience in cloud and infrastructure security (IaaS, PaaS, SaaS).
• Strong scripting skills (PowerShell) and documentation practices.
• Solid understanding of CIS, NIST, CSA security frameworks.
• Experience supporting large enterprise security solutions.
• Excellent communication, collaboration, and problem-solving skills.

Preferred Qualifications:

• Bachelor's/Master's in Computer Science or related field.
• Certifications like CISSP, CISA, or equivalent.
• Experience with Privileged Access Management tools.
• Background in the financial services sector is an asset