Information Security Engineer- Developer

Merative • Full-time • Remote – United States, United States of America • 1w ago

We are seeking an experienced Cloud Architect with strong expertise in Microsoft Azure, hybrid Active Directory, and enterprise identity and device management. This role will lead the design, implementation, and governance of secure, scalable cloud and hybrid environments, supporting both cloud-native and legacy systems while enabling modern workplace and identity solutions. The ideal candidate combines strategic architectural thinking with hands-on technical depth across Azure infrastructure, identity, endpoint management, and security.

Key Responsibilities

Cloud & Infrastructure Architecture

Design andmaintainaSecure CloudArchitectureforIaaS, PaaS, and SaaS solutionswithMicrosoft security technologiessuch asDefender, Sentinel, Purview, Endpoint Management, and Entra IDto protect enterprise and client assets.

Build and deploy security architecture thatenforcesZero Trust principles across M365,tenants, Azure subscriptions, B2C tenants, enterprise virtual systems,landing zones,virtualdesktopsand devices.

Establishsecuritycontrols around DevOps,secretsmanagement,key vaults, and managed identities to secure service to servicepatterns.

Architect resilient, scalable, and cost-optimized cloud solutions using Azure best practicesand risk-based spendingalignment

This rolewillown security architecture standards, reference architecture, guardrails, and exception decisions in partnership with theChief Information Security Officer.

Identity & Access Management

Establish and enforce hardened identity management for identities including Entra ID, service principles, andworkloadidentities while enforcing least-privilege across environments and mitigating path to privilege.

Architectidentity securityusingconditionalaccess, MFA,phishingresistant authentication,Privileged Identity Management (PIM), and Zero Trust principles

Design and integrate Privileged Access Management (PAM) tools in active directory environments which include both Windows and Linux toeliminatethe use of interactive service accounts and password handling while providing secure privilege access management practices, automation, and secure service-to-service communications.

Design andincorporatesecurity best practice fordevice &endpointmanagementincorporatingidentity and accessmanagementwithinternet accessrestrictionssupportingWindows, macOS, iOS, and Android devices.

Security & Compliance

Architect and govern AI platforms and data flows across Azure OpenAI and Microsoft Copilot extensibility, integrating MCP-based systems with enterprise identity, device, and data protection controls to prevent leakage, enforce consent boundaries, and ensure auditability.

Establish and enforce AI governance controls for MCP endpoints and AI-driven data access, including Entra ID–based authorization, data provenance, policy enforcement, and compliance logging.

Drive Purview-based data governanceincluding classification strategy, sensitivity labels, DLP enforcement, information barriers, and cross-tenant controls.

Collaboration & Leadership

Act as a technical authority and advisor to engineering, security, and operations teams

Translate business requirements into technical cloud solutions

Produce architecture diagrams, documentation, and standards

Mentor engineers and elevate team maturity by contributing to cloud best practices and roadmaps, conducting design reviews, buildinghardened securitypatterns, and providing coaching to strengthen engineering practices.

Minimum Qualifications:

Bachelor’sdegree in computer science, engineering, or related field.

8-10years of security design,implementationand ownershipexperiencewithMicrosoftsecurity tooling

10+years of hands-onproficiencyin multiple cybersecurity competencies (e.g., network security, systems security, application security, security operations)

10+ years’ experience performing security testing or technical controls validation, including documentation of testing methods and results.

10+ years’ experience in Azure cloud architecture and security services.

Preferred Qualifications:

Experience withEnd User Workstation Security Controls to include MAC,Windowsand Virtual Desktops.

Experience with Microsoft productsto includeMicrosoft Endpoint Manager,Entra, Defender, Sentinel and M365.

Experience withsecuring both Azure cloud as well as hybrid cloud environments using the Microsoft security tooling.

Advance knowledge of Microsoft Defender andSentinel andproficiencyinKQL query language.

Experience withMicrosoft Defender for Cloudto includeregulatory compliance dashboard configuration and continuous assessment; integrating Defender for Cloud into CI/CD pipelines andIaCworkflows; and practical knowledge of CSPM and CWPP capabilities.

Experience with Azure Policy, subscription structure, billing account, and management groups

Proactive awareness of emerging cybersecurity threats and technologies

Detailoriented with strong verbal and presentation skills.

Excellent interpersonal, communication, and negotiation skills

Effective written and oral communication, technical writing, and editing skills

Security-related certification (i.e., Security+, CISSP, GIAC, etc.)

Experience with landing zone security baselines and guardrails

Compensation

The salary range provided in this job posting is intended to reflect the general market value for the position. The actual salary offered may vary based on factors such as the candidate’s experience, qualifications, skills, and the specific requirements of the role. This range may also be subject to change as market conditions evolve. We encourage open communication throughout the interview process to discuss compensation expectations. For base-salary + commission sales roles, the range represents On-Target Earnings.

Min – Max :

$152,837.17 - $229,255.75 (USD)

Benefits

The benefits described represent the current offerings at our organization, however, benefits are subject to change and may vary by location and employment status. We strive to provide a comprehensive benefits package that supports our employees’ health, wellness, and financial goals. Please note that benefits may be discussed in more detail during the hiring process.

Remote first / work from home culture
Flexible vacation to help you rest, recharge, and connect with loved ones
Paid leave benefits
Health, dental, and vision insurance
401k retirement savings plan
Infertility benefits
Tuition reimbursement, life insurance, EAP – and more!

It is the policy of Merative to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, Merative will provide reasonable accommodations for qualified individuals with disabilities.

Merative participates in the federal E-Verify program to confirm the identity and employment authorization of all newly hired employees. For further information about the E-Verify program, please click here: http://www.uscis.gov/e-verify/employees

Apply