Cloud Security Engineer

About the role

The Cloud Security Engineer is responsible for protecting the organization's cloud environment by designing, implementing, and maintaining security controls across Microsoft Azure, Microsoft 365 (M365), and Dynamics 365 (D365). This role focuses on cloud security posture management, cloud workload protection, identity and access management, and data protection within Azure and Microsoft cloud services. The engineer will harden cloud configurations, apply zero-trust principles, secure cloud-native workloads and SaaS applications, and partner with IT, DevOps, and Compliance teams to ensure that cloud operations remain resilient, scalable, and aligned with regulatory requirements. Essential Duties and Responsibilities: Design, configure, and maintain security controls across Microsoft Azure, including IaaS, PaaS, and SaaS workloads, ensuring secure deployments and continuous posture management. Configure and maintain security across all Azure resources (e.g., virtual machines, virtual networks, storage accounts, Azure Key Vault, App Services, Azure SQL), while continuously improving cloud security baselines and configurations. Apply zero-trust principles to cloud workloads and SaaS applications, including micro-segmentation, least-privilege access, and continuous verification across Azure, M365, and D365. Deploy and manage Microsoft Defender for Cloud and Microsoft Defender XDR to monitor cloud security posture, detect misconfigurations, and remediate vulnerabilities across multi-cloud and hybrid environments. Conduct gap analyses against relevant cloud security standards (e.g., NIST, CIS Benchmarks for Azure/M365, SOC 2, PCI-DSS) and recommend remediations. Maintain records of audit findings and track resolutions to ensure ongoing cloud compliance. Develop and maintain cloud security standard operating procedures (SOPs), reference architectures, and best practices. Collaborate with cross-functional teams (Infrastructure & Operations, DevOps, Compliance) to disseminate guidance on secure cloud development, infrastructure-as-code (IaC), and operational activities, ensuring that new or updated cloud systems adhere to security best practices. Create and update knowledge base articles, runbooks, and incident response playbooks to standardize and streamline cloud security procedures. Oversee the security configurations within M365 and D365, including data loss prevention (DLP), Microsoft Purview information protection, conditional access, threat protection (Defender for Office 365, Defender for Cloud Apps), and update the cloud security roadmap as needed. Deploy and tune cloud-native protections including Azure Web Application Firewall (WAF), Azure Front Door, Azure DDoS Protection, and advanced threat analytics in coordination with internal teams and external vendors, and guide them through production rollout. Develop and maintain incident response protocols for cloud environments to ensure timely identification, containment of threats, and implementation of preventive measures. Configure and manage cloud security monitoring tools such as Microsoft Defender for Cloud, Microsoft Sentinel, Rapid7, and other SIEM/SOAR platforms to detect anomalies, suspicious activity, and potential attacks across Azure, M365, and D365. Evaluate and secure containerized workloads (e.g., Azure Kubernetes Service), serverless functions, and DevSecOps pipelines, embedding security into CI/CD processes. Provide guidance and expertise in cloud architecture reviews, cloud security risk assessments, and the formulation of cloud security strategies. Perform other duties and responsibilities as assigned. Competencies Analytical mindset with the ability to solve complex problems under pressure. Collaborative approach and ability to work across teams, advocating for security best practices. Detail-oriented, with a strong commitment to maintaining the highest levels of data privacy and compliance. Required Education/Experience: Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or a related field (or equivalent experience). A minimum of 5+ years' experience in cloud security, preferably with Microsoft Azure and the broader Microsoft cloud ecosystem (M365/D365). Preferred Education/Experience: Azure Security Engineer Associate (AZ-500) Microsoft Cybersecurity Architect Expert (SC-100)

Additional Information

Meriton is a national team of experts driving HVAC innovation through a network of high-performing companies. From strategy and support to systems and solutions, we work behind the scenes to strengthen operations and build value-for our partners and our people. If you're looking to make an impact, we're glad you're here. At Meriton, you'll join a team that believes in big ideas, doing great work, and building careers that matter-every step of the way. Job Title: Cloud Security Engineer Reports To: Director of Cybersecurity & Compliance FLSA Status: Exempt Location: Shared Services Office, Irving, TX

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at meriton? Share your experience