[Remote] Senior Microsoft Cloud Engineer - Data Sharing & B2B
Note: The job is a remote job and is open to candidates in USA. Applied Information Sciences (AIS) is a mission-driven company focused on making a difference through innovative projects. They are seeking a Senior Microsoft Cloud Engineer to lead the design, implementation, and optimization of secure external collaboration capabilities across the Microsoft cloud ecosystem.ResponsibilitiesDesign, configure, and maintain Microsoft Entra B2B collaboration and cross-tenant access settings to support secure partner and guest access to enterprise applications, collaboration workloads, and external-facing business solutionsEngineer and administer external identity controls including invitation workflows, trust settings, guest lifecycle processes, access reviews support, and secure onboarding/offboarding patterns for third-party usersDesign and implement security architecture for external access to SharePoint extranets, including authentication patterns, authorization boundaries, site and content protection models, sharing restrictions, and monitoring requirementsDefine and implement Microsoft Purview Information Protection controls including sensitivity labels, encryption, data handling rules, and integration points with DLP and collaboration workloadsDesign and implement Microsoft Purview Message Encryption and related encrypted mail protections for secure communication with external recipients, including policy-based encryption use cases and operational support modelsDesign, test, and tune Conditional Access policies to govern external access based on user, device, application, session, location, risk, and authentication context, using phased rollout and validation practicesBuild secure access patterns for Power Platform applications, flows, and connectors through environment strategy, role design, data policies, connector governance, and identity controlsDefine and implement security controls for Power BI reports, dashboards, semantic models, workspaces, sharing models, and external consumption scenariosPartner with security, compliance, messaging, collaboration, and application teams to translate policy and regulatory requirements into enforceable cloud controlsProduce architecture diagrams, standards, control narratives, engineering runbooks, and operational procedures for steady-state supportSkills8+ years of experience in Microsoft cloud engineering, with substantial hands-on responsibility for Microsoft 365, Azure, and enterprise security controls4+ years of direct experience designing and administering Microsoft Entra ID / Azure AD identity and access solutionsDeep experience with Microsoft Entra External ID / B2B collaboration, cross-tenant access, external collaboration settings, guest access governance, and secure partner access modelsStrong experience implementing Microsoft Purview Information Protection capabilities, including sensitivity labels, encryption, and data protection policy integrationStrong experience designing Microsoft Purview Message Encryption / OME solutions for secure external email exchangeProven experience designing and deploying Conditional Access policies in enterprise environments, including policy testing, exception handling, and access hardeningExperience securing SharePoint Online sites and extranets for external access, including site permissions, sharing models, and information protection considerationsExperience implementing governance and security controls for Power Platform, including environment strategy, roles, and data policiesExperience securing Power BI platforms, including workspace governance, dataset security, sharing controls, and report access designExperience in highly regulated environments such as defense, government, healthcare, financial services, or other compliance-driven enterprisesExperience supporting security assessments, accreditation packages, or control inheritance modelsFamiliarity with Microsoft Defender, audit logging, insider risk considerations, and monitoring of collaboration and sharing eventsExperience with DevOps, infrastructure as code, or scripted administration using PowerShell, Microsoft Graph, or automation toolingMicrosoft certifications in areas such as Microsoft Entra, Microsoft 365 Security, Azure Security, or PurviewBenefitsEmployee Ownership: Your contributions directly impact the company’s success, and you share in its achievements.Continuous Learning: Access to resources, training, and mentorship to support your professional growth.Inclusive Culture: A workplace where diversity is celebrated, and everyone’s voice is valued.Mission-Driven Work: Engage in projects that make a meaningful difference for our clients and communities.Flexible - We offer flexibility in how you work. This role is remote eligible with the flexibility to work hybrid or in-office from our Reston, VA headquarters if you're local and prefer an office environment.Company OverviewAIS helps large commercial and federal clients accelerate innovation with security and compliance in mind. It was founded in 1982, and is headquartered in Reston, Virginia, USA, with a workforce of 501-1000 employees. Its website is https://www.ais.com.Company H1B SponsorshipAIS (Applied Information Sciences) has a track record of offering H1B sponsorships, with 7 in 2025, 3 in 2024, 4 in 2023, 2 in 2022, 5 in 2021, 1 in 2020. Please note that this does not guarantee sponsorship for this specific role.