[Remote] Cloud Engineer
Note: The job is a remote job and is open to candidates in USA. Capgemini is a global business and technology transformation partner, and they are seeking a highly motivated Cloud Engineer with deep experience in cybersecurity and cloud-native security solutions. The role involves architecting and managing Microsoft Sentinel, Microsoft Defender for Cloud, and Microsoft Intune within high-security environments, supporting federal government clients.ResponsibilitiesProvide strategic input to identity and security architecture in Microsoft 365, Azure AD, and related servicesCollaborate with security, operations, and compliance teams to implement secure-by-design configurationsDevelop technical documentation, runbooks, and executive-level reporting for compliance audits and operational transparencyTroubleshoot Tier 3 issues related to Sentinel rules, Intune policy conflicts, AVD connectivity, and security misconfigurationsServe as the SME for endpoint security, SIEM/SOAR platforms, and Zero Trust implementations within Microsoft ecosystemsArchitect, configure, and manage Microsoft Sentinel for advanced threat detection, investigation, and responseIntegrate Sentinel with Microsoft Defender solutions and third-party data connectors to monitor hybrid cloud infrastructureDesign and implement security best practices using Microsoft Defender for Cloud, focusing on CSPM, workload protection, and threat analyticsCreate custom KQL queries and workbooks for detection, automation, and incident response workflowsArchitect and manage Microsoft Intune for endpoint security, compliance, device lifecycle management, and mobile application management (MAM)Define conditional access policies integrated with Azure AD to support Zero Trust architectureDrive enrollment, configuration profiles, compliance baselines, and application deployment for Windows 10/11, iOS, and Android endpointsPlan, deploy, and manage scalable AVD environments in Azure Government Cloud, ensuring optimal user experience and policy enforcementImplement FSLogix profile management, MSIX app attach, and integration with Defender and SentinelMonitor AVD performance and usage analytics for capacity planning and optimizationWork within Microsoft 365 GCC High environments, ensuring full compliance with DoD, FedRAMP High, and NIST 800-53 frameworksSecure M365 workloads with a strong focus on tenant hardening, conditional access, DLP, and insider risk policiesSkillsUS Citizenship is requiredEligible to obtain and maintain a DoD Security Clearance (Secret or Top Secret)BS/BA degree and 8 years of IT experience, or 10 years total without a degreeDemonstrated experience in M365 GCC High, Azure Government Cloud, and DoD-compliant environmentsExperience in hybrid cloud/on prem environmentsExperience managing MS, Unix, Linux environmentsExpert knowledge of Microsoft Sentinel, Defender for Cloud, Intune, and Azure AD Conditional AccessWorking knowledge of AVD architecture, deployment, and management in regulated environmentsProficiency in PowerShell scripting for automation, policy enforcement, and monitoringExperience designing solutions aligned with Zero Trust Architecture, NIST, and FedRAMP High standardsStrong communication skills for technical and executive-level briefings and documentationMicrosoft certifications such as SC-200, MS-500, AZ-104, MD-102, or AZ-140Experience integrating third-party SIEM, EDR, or MDM platforms with Microsoft solutionsHands-on experience with Log Analytics, KQL, Playbook automation (Logic Apps), and Graph APIFamiliarity with Microsoft Purview, DLP, and Insider Risk ManagementOne or more of the following DoD 8570 Level II Certifications: Security+ CE, GSEC, SSCP, CCNA Security, or equivalentBenefitsPaid time off based on employee grade (A-F), defined by policy: Vacation: 12-25 days, depending on grade, Company paid holidays, Personal Days, Sick LeaveMedical, dental, and vision coverage (or provincial healthcare coordination in Canada)Retirement savings plans (e.g., 401(k) in the U.S., RRSP in Canada)Life and disability insuranceEmployee assistance programsOther benefits as provided by local policy and eligibilityIn addition to base salary, this role may be eligible for additional compensation such as variable incentives, bonuses, or commissions, depending on the position and applicable laws.Company OverviewCapgemini is an AI-powered global business and technology transformation partner, delivering tangible business value. It was founded in 2001, and is headquartered in Auckland, Auckland, NZL, with a workforce of 10001+ employees. Its website is https://www.capgemini.com/nz-en/careers/capgemini-in-new-zealand/.