Cloud Security Engineer

About the position

The Cloud Security Engineer at Carle Foundation Hospital plays a critical role in safeguarding cloud-hosted resources by identifying and establishing robust security controls. This position focuses on various platforms, including Microsoft Azure, Office 365, Azure Active Directory, Microsoft Defender for Identity, Microsoft Defender for Endpoint, Azure MFA, and more. The engineer will be responsible for the development and implementation of security policies and procedures, ensuring that the organization's cloud security posture is both effective and compliant with industry standards. In this role, the Cloud Security Engineer will work closely with IT and Security teams to design and recommend security controls tailored for cloud environments. This includes implementing information protection and Data Loss Prevention (DLP) policies for resources such as Exchange, Teams, SharePoint, and OneDrive. The engineer will also be tasked with configuring third-party Single Sign-On (SSO) integrations with Azure Active Directory and ensuring that security events from cloud-based resources are effectively ingested and organized into the Security Information and Event Management (SIEM) system. Additionally, the Cloud Security Engineer will assist in developing security metrics and analytics programs, investigate and remediate threats and vulnerabilities, and support incident response efforts. Collaboration with application teams to establish security standards for cloud-hosted applications and web services is also a key responsibility. The engineer will help implement controls and policies for Mobile Device Management (MDM), DLP, antivirus, and system baselines across various devices, ensuring that role-based permissions for cloud-hosted resources are established and maintained. Regular audits of cloud security policies and controls will also be part of the job, along with working with network security teams to secure the cloud network infrastructure.