Job Description
Teledyne IT Shared Services is seeking an experienced Senior Cloud Engineer to join the Enterprise Infrastructure Solutions team. This role is responsible for designing, implementing, and administering enterprise cloud and identity platforms that support Teledyne's global workforce and business units. The Senior Cloud Engineer will take ownership of critical identity and access management systems, Microsoft 365 services, enterprise PKI infrastructure, and security governance programs across a complex, multi-tenant environment.
The ideal candidate brings deep hands-on expertise in Microsoft cloud technologies, a strong security mindset, and the ability to drive enterprise-scale projects with minimal supervision. Experience supporting acquisition and divestiture activities in a large enterprise environment is a plus.
Job Duties & Responsibilities:
Identity & Access Management
Serve as a primary administrator for Microsoft Entra ID (Azure AD) and on-premises Active Directory in a hybrid enterprise environment
Design, implement, and maintain Conditional Access policies to enforce M365 app access controls for Entra-registered and compliant devices
Manage device registration and enrollment policies across Workspace ONE-managed and hybrid-joined endpoints
Support and administer SSO integrations via ADFS, SAML, LDAP, and Entra-based federation
Lead or contribute to migration efforts from legacy ADFS to Azure-native authentication
Windows Hello for Business
Lead enterprise deployment and ongoing management of Windows Hello for Business
Enforce biometric enrollment policies via GPO and Intune, scoped to eligible security groups and hardware
Develop and deploy compliance monitoring and remediation scripts to inventory and validate authentication methods across endpoints
Microsoft 365 Platform Administration
Administer the enterprise M365 environment including Exchange Online, SharePoint, OneDrive, and Teams
Manage M365 licensing, tenant configuration, and service health across commercial and GCC-High environments
Support Microsoft Purview sensitivity label management, data governance, and information protection policies
Provide M365 technical leadership during acquisition and divestiture activities including tenant migrations and data transitions
Enterprise PKI & Certificate Management
Implement and administer CyberArk Venafi as the enterprise certificate lifecycle management platform
Manage certificate template creation, issuance, and decommissioning of legacy ADCS templates
Integrate certificate lifecycle workflows with ServiceNow for automated request, approval, and tracking
Security & Application Governance
Design and enforce browser extension governance frameworks including inventory, GPO controls, and ServiceNow-based approval workflows
Manage Microsoft Store application control policies and enterprise software distribution security
Administer CyberArk Workforce Password Management (WPM) at enterprise scale
Support CMMC, NIST 800-171, and ITAR compliance requirements as they relate to identity and cloud infrastructure
Respond to cybersecurity audits, questionnaires, and compliance inquiries related to identity and cloud platforms
Collaboration Platform Administration
Administer Microsoft Teams and Slack at enterprise scale, including governance, lifecycle management, channel migration, and workspace consolidation
Enforce naming conventions and manage workspace hygiene across collaboration platforms
Automation & Scripting
Develop and maintain PowerShell and Python scripts to automate tasks across identity, cloud, and security domains
Leverage web APIs, reporting tools, and SQL-based queries for monitoring, reporting, and platform integration
Deploy automation and remediation scripts via Intune and endpoint management tooling
Acquisition Support
Provide technical leadership for IT integration and separation projects including directory consolidation, tenant migrations, network transitions, and application cutovers
Coordinate with internal teams, business leadership, and external partners throughout M&A activities
Job Qualifications:
Bachelor's degree in Computer Science, Information Technology, or a related field; equivalent work experience considered
7–10 years of progressive experience in cloud infrastructure, identity management, or enterprise IT engineering
Demonstrated experience managing enterprise Microsoft cloud environments at scale
Microsoft 365 administration — Exchange Online, SharePoint, OneDrive, Teams, licensing, and tenant management
Microsoft Entra ID (Azure AD) and on-premises Active Directory configuration and administration in hybrid environments
Azure cloud platform management including compute, networking, storage, and identity services
Windows Server administration and Group Policy management
Multi-factor authentication technologies including Microsoft Authenticator, DUO, and FIDO2/Windows Hello
Collaboration platform administration — Microsoft Teams and Slack governance at enterprise scale
Proficiency in scripting and automation using PowerShell and/or Python
Strong understanding of enterprise security principles, identity governance, and Zero Trust architecture
Preferred Qualifications:
Experience with enterprise PKI infrastructure and certificate lifecycle management (ADCS, Venafi, or similar platforms)
Hands-on experience with CyberArk products (Venafi, Workforce Password Management, or Privileged Access Manager)
Familiarity with CMMC, NIST 800-171, or ITAR compliance requirements in an enterprise IT context
Experience with ServiceNow workflow integration
Exposure to enterprise browser management and application governance (Microsoft Edge, Island Enterprise Browser, or similar)
Experience supporting acquisition, divestiture, or tenant migration projects
Relevant certifications: Microsoft Certified: Identity and Access Administrator Associate, Azure Administrator Associate (AZ-104), Security+ , or equivalent
Experience with GCC-High tenants and compliance requirements for defense-sector organizations
