[Remote] Cloud Engineer

Note: The job is a remote job and is open to candidates in USA. Capgemini is a global business and technology transformation partner, and they are seeking a highly motivated Cloud Engineer with deep experience in cybersecurity and cloud-native security solutions. The role involves architecting and managing Microsoft Sentinel, Microsoft Defender for Cloud, and Microsoft Intune within high-security environments, supporting federal government clients.

Responsibilities

• Provide strategic input to identity and security architecture in Microsoft 365, Azure AD, and related services
• Collaborate with security, operations, and compliance teams to implement secure-by-design configurations
• Develop technical documentation, runbooks, and executive-level reporting for compliance audits and operational transparency
• Troubleshoot Tier 3 issues related to Sentinel rules, Intune policy conflicts, AVD connectivity, and security misconfigurations
• Serve as the SME for endpoint security, SIEM/SOAR platforms, and Zero Trust implementations within Microsoft ecosystems
• Architect, configure, and manage Microsoft Sentinel for advanced threat detection, investigation, and response
• Integrate Sentinel with Microsoft Defender solutions and third-party data connectors to monitor hybrid cloud infrastructure
• Design and implement security best practices using Microsoft Defender for Cloud, focusing on CSPM, workload protection, and threat analytics
• Create custom KQL queries and workbooks for detection, automation, and incident response workflows
• Architect and manage Microsoft Intune for endpoint security, compliance, device lifecycle management, and mobile application management (MAM)
• Define conditional access policies integrated with Azure AD to support Zero Trust architecture
• Drive enrollment, configuration profiles, compliance baselines, and application deployment for Windows 10/11, iOS, and Android endpoints
• Plan, deploy, and manage scalable AVD environments in Azure Government Cloud, ensuring optimal user experience and policy enforcement
• Implement FSLogix profile management, MSIX app attach, and integration with Defender and Sentinel
• Monitor AVD performance and usage analytics for capacity planning and optimization
• Work within Microsoft 365 GCC High environments, ensuring full compliance with DoD, FedRAMP High, and NIST 800-53 frameworks
• Secure M365 workloads with a strong focus on tenant hardening, conditional access, DLP, and insider risk policies

Skills

• US Citizenship is required
• Eligible to obtain and maintain a DoD Security Clearance (Secret or Top Secret)
• BS/BA degree and 8 years of IT experience, or 10 years total without a degree
• Demonstrated experience in M365 GCC High, Azure Government Cloud, and DoD-compliant environments
• Experience in hybrid cloud/on prem environments
• Experience managing MS, Unix, Linux environments
• Expert knowledge of Microsoft Sentinel, Defender for Cloud, Intune, and Azure AD Conditional Access
• Working knowledge of AVD architecture, deployment, and management in regulated environments
• Proficiency in PowerShell scripting for automation, policy enforcement, and monitoring
• Experience designing solutions aligned with Zero Trust Architecture, NIST, and FedRAMP High standards
• Strong communication skills for technical and executive-level briefings and documentation
• Microsoft certifications such as SC-200, MS-500, AZ-104, MD-102, or AZ-140
• Experience integrating third-party SIEM, EDR, or MDM platforms with Microsoft solutions
• Hands-on experience with Log Analytics, KQL, Playbook automation (Logic Apps), and Graph API
• Familiarity with Microsoft Purview, DLP, and Insider Risk Management
• One or more of the following DoD 8570 Level II Certifications: Security+ CE, GSEC, SSCP, CCNA Security, or equivalent

Benefits

• Paid time off based on employee grade (A-F), defined by policy: Vacation: 12-25 days, depending on grade, Company paid holidays, Personal Days, Sick Leave
• Medical, dental, and vision coverage (or provincial healthcare coordination in Canada)
• Retirement savings plans (e.g., 401(k) in the U.S., RRSP in Canada)
• Life and disability insurance
• Employee assistance programs
• Other benefits as provided by local policy and eligibility
• In addition to base salary, this role may be eligible for additional compensation such as variable incentives, bonuses, or commissions, depending on the position and applicable laws.

Company Overview