Job Title: Microsoft Cloud Engineer
Location: Washington DC (Onsite)
Summary:Red Cedar is seeking Microsoft Cloud professionals to design, implement, secure, and support Microsoft 365, Azure, and Microsoft Security environments. Candidates should have expertise in Azure, Entra ID, Exchange Online, Teams, SharePoint, Defender, Purview, and cloud security, with experience supporting NIST, Zero Trust, and FedRAMP compliance in enterprise environments.
Responsibilities:- Design, implement, operate, and optimize Microsoft 365, Azure, and Microsoft Security services to ensure reliability, scalability, and performance.
- Implement and maintain cloud security controls aligned with NIST SP 800-53, NIST SP 800-207 (Zero Trust Architecture), and FedRAMP Moderate requirements.
- Administer Microsoft Entra ID, Conditional Access, privileged access controls, and least-privilege access models.
- Manage and support Exchange Online, Microsoft Teams, SharePoint Online, and related Microsoft 365 collaboration services.
- Provide Azure infrastructure, networking, application workload, maintenance, troubleshooting, and hybrid integration support.
- Configure and manage Microsoft Defender, Microsoft Sentinel, Microsoft Purview, and related security platforms.
- Support formal change management processes and maintain technical documentation, training materials, and standard operating procedures.
- Serve as a senior technical advisor, collaborating with engineering, network, and cybersecurity teams.
- Design, implement, and manage hybrid Active Directory, Microsoft 365, and Microsoft Entra environments.
- Create and manage Windows, macOS, and Apple iOS devices using Microsoft Intune, including compliance policies and policy delivery.
- Configure and manage Windows Autopilot deployments and Intune software delivery for environments supporting at least 700 endpoints.
- Secure remote PowerShell administration across Entra, Azure, Exchange Online, SharePoint, and Microsoft Graph APIs.
- Implement and manage MFA transitions, third-party MFA integration, Smart Card authentication, and FIDO-based authentication across Windows and macOS.
- Configure and manage Microsoft Sentinel data sources, health monitoring, alerting, and log ingestion quality.
- Develop Power BI dashboards and automated reporting for systems health, compliance, Azure spending, utilization, and forecasting.
- Configure Azure budgets, spending alerts, and reporting with 90-day advance notification of projected overages.
- Develop incident response and disaster recovery playbooks integrated with existing IR and COOP documentation.
- Support audits, assessments, compliance reviews, and operational continuity activities.
- Perform operational changes during weekends or after-hours as required to minimize business disruption.
Requirements:- Demonstrated senior-level technical leadership supporting enterprise Microsoft 365, Azure, and Microsoft Security environments.
- Current Microsoft certifications in all related areas maintained for a minimum of five (5) years.
- Proven expertise designing, implementing, operating, and optimizing Microsoft cloud services.
- Experience implementing cloud security architectures aligned with NIST SP 800-53, NIST SP 800-207 (Zero Trust Architecture), and FedRAMP Moderate requirements.
- Advanced experience implementing and managing hybrid Active Directory, Microsoft 365, and Microsoft Entra environments utilizing Microsoft's tiered security framework.
- Proven experience managing Windows, macOS, and Apple iOS devices using Microsoft Intune.
- Proven experience deploying Windows Autopilot and Intune software delivery for environments with at least 700 endpoints.
- Practical experience securing remote PowerShell administration across Entra, Azure, Exchange Online, SharePoint, and Microsoft Graph APIs.
- Advanced expertise in Microsoft Entra ID, Conditional Access, privileged access management, least-privilege access models, MFA implementation and migration, third-party MFA integration, Smart Card authentication, and FIDO-based authentication.
- Experience supporting Exchange Online, Microsoft Teams, SharePoint Online, and related Microsoft 365 workloads.
- Experience supporting Azure infrastructure, networking, workloads, troubleshooting, and hybrid integrations.
- Hands-on experience configuring and managing Microsoft Defender, Microsoft Sentinel, and Microsoft Purview.
- Experience configuring Microsoft Sentinel data sources, monitoring ingestion health, and alerting.
- Experience supporting formal change management processes and producing technical documentation, training materials, and standard operating procedures.
- Ability to act as a senior technical advisor supporting engineering teams, audits, assessments, and compliance reviews.
- Ability to perform duties independently with minimal supervision while maintaining a secure, resilient, and compliant Microsoft cloud environment.
- Experience implementing Power BI reporting and dashboards for systems health, compliance, utilization, and Azure cost reporting.
- Proven experience configuring Azure budgets, spending alerts, forecasting, and overage reporting.
- Experience developing incident response and disaster recovery playbooks.
- Current Microsoft 365 Certified: Administrator Expert certification.
- Current Microsoft Certified: Cybersecurity Architect Expert certification.
- Current Microsoft Certified: Azure Solutions Architect Expert certification.
- Current Microsoft 365 Certified: Endpoint Administrator Associate certification.
- Current Microsoft Certified: Identity and Access Administrator Associate certification.
- Current Microsoft Certified: Windows Server Hybrid Administrator Associate certification.
- Current Microsoft 365 Certified: Teams Administrator Associate certification.
- Current Microsoft Certified: Information Security Administrator Associate certification.
- Equivalent prior certifications may be accepted if maintained continuously for a minimum of five years.
- Submit a minimum of two and no more than four (4) examples of personally written technical documents (documentation, design documents, diagrams, PowerShell scripts, change controls, training materials, policy documents, or standard operating procedures), not to exceed five total pages.