Lead Security Engineer, Identity & Cloud Controls
Stratos
Lead Security Engineer, Identity & Cloud Controls Location: Beachwood, OH (Hybrid) Reports To: Director of IT We are seeking a highly experienced Lead Security Engineer to serve as the primary technical authority for security engineering, identity governance, and cloud control enforcement across our organization. This is a high-impact, senior role responsible for designing and implementing modern security controls in a cloud-first environment, while working in close partnership with a managed security provider (SEI Sphere) that oversees monitoring and response operations. Position Summary The Lead Security Engineer, Identity & Cloud Controls serves as the organization’s primary technical security authority, responsible for designing, implementing, and governing security controls across identity platforms, cloud services, and enterprise applications. Operating within a co-managed security model alongside SEI Sphere (MSSP), this role focuses on internal control design, enforcement, and integration—ensuring security policies are effectively translated into technical controls that are operational, measurable, and audit-ready. This position plays a critical role in strengthening identity governance, reducing unauthorized application risk, improving access control consistency, and enabling automation across the security ecosystem. Key Responsibilities Identity & Access Management (Primary Focus) Design and implement identity security controls across: Microsoft Entra ID (Azure AD) Okta CyberArk (Privileged Access Management) Develop and Maintain: Role-based access control (RBAC) models Conditional Access policies and MFA strategies Lead implementation and automation of: User lifecycle management (joiner/mover/leaver) Periodic access reviews and certifications Identify and remediate excessive permissions, orphaned accounts, and privilege escalation risks Cloud & Microsoft Security Platform Ownership Configure and optimize: Microsoft Defender (Endpoint, Office 365, Cloud Apps) Microsoft Purview (DLP, sensitivity labeling, data protection controls) Ensure alignment of identity, endpoint, and data protection policies Translate security policies into enforceable technical configurations Application Governance & Shadow IT Control Implement controls to detect and manage unauthorized applications and SaaS usage Govern third-party app access, including OAuth and API integrations Establish application onboarding and risk review processes Reduce shadow IT exposure while balancing business usability Security Automation & Integration Design and implement automated security processes using: PowerShell, Microsoft Graph API, and other automation tools Automate: Access provisioning and deprovisioning Policy enforcement and reporting Integrate security tools to ensure consistent control application across platforms MSSP (SEI Sphere) Integration & Oversight Serve as the primary internal technical liaison with SEI Sphere Ensure proper integration of identity, application, and cloud telemetry into MSSP monitoring Validate detection coverage, escalation processes, and response coordination Identify and remediate gaps between internal controls and MSSP visibility Compliance, Audit & Governance Translate SEC / FINRA regulatory requirements into technical controls Maintain control mappings and generate audit evidence Support internal and external audits, assessments, and regulatory reviews Contribute to vendor due diligence and technical risk evaluations Actively participate in the organization’s GRC Committee Security Architecture & Strategy Serve as the primary internal SME for security engineering and architecture decisions Contribute to long-term security strategy, including identity-first and Zero Trust initiatives Provide recommendations for platform improvements and future-state capabilities Why This Role Matters This role is critical to advancing our security maturity by focusing on what matters most: Identity and access control Application governance Control enforcement and automation Bridging internal security engineering with external security operations You’ll have the opportunity to shape the security architecture, influence strategy, and build scalable solutions that directly reduce risk across the organization. Work Environment Hybrid work model Direct collaboration with IT leadership and cross-functional teams High visibility role with impact across technology, compliance, and operations Required Qualifications 7–10+ years in cybersecurity engineering or architecture roles Deep hands‑on expertise with: Microsoft Entra ID (Azure AD), Conditional Access, identity governance Okta (SSO, federation, lifecycle management) Microsoft Defender suite and security ecosystem Proven experience implementing or managing: Privileged Access Management (CyberArk strongly preferred) Access control models and governance frameworks Strong scripting and automation skills (PowerShell required) Experience integrating security tools and platforms across cloud environments Familiarity with MSSP/SOC operating models Experience in regulated environments (FINRA, SEC, or equivalent) Ability to translate policy and regulatory requirements into technical control implementations Preferred Qualifications Experience with Microsoft Purview (DLP, labeling, insider risk) Experience with Defender for Cloud Apps or CASB technologies Familiarity with API‑based integrations and automation Background in financial services or highly regulated industries #J-18808-Ljbffr Stratos
- Stratos is seeking a Lead Security Engineer for Identity & Cloud Controls in Beachwood, OH. This senior position involves designing security controls, implementing identity governance, and managing cloud services with a strong focus on automation. The ideal candidate will...Suggested
$134.26k - $248.39k
...Job Description As a Lead Substation Protection & Control (P&C), you’ll play a key role... ...control systems, mentor junior engineers, and collaborate directly... ..., fire alarm, and security systems. Contribute thought... ...orientation, gender identity or gender expression), national...Suggested- ...Impact The Senior Security Engineer is accountable for designing... ...premises, hybrid, and cloud platforms. The role... ..., operational controls, and risk-based decision... ...security domains, including identity and access management,... ...Security Engineer leads and oversees security...SuggestedFull timeWork at officeWorldwideFlexible hours
- ...Senior Security Engineer As BWE's Senior Security Engineer, your role... ...hands-on implementation across identity, Azure, endpoint, and... ...Microsoft identity, endpoint, and cloud security tools. Evaluate... ...management with identity and access controls. Improve monitoring,...Suggested
$40 - $48 per hour
...Description We are seeking a Junior Cloud Security Engineer (Azure) to support a Security Defense... ..., sexual orientation, gender identity, genetic information or any characteristic... ...TEKsystems Global Services We’re a leading provider of business and technology services...SuggestedContract workTemporary work3 days per week$100k - $120k
Tata Consultancy Services Limited is seeking an Application Security Engineer to assist with design, implementation, and support related to application security workflows. This role requires a Bachelor’s degree and 8 to 10 years of relevant experience. The position offers...- ...performance, and collaboration within a global engineering environment. In This Role, You Will... ...modern software development and source control practices Possesses strong analytical... ..., sex, sexual orientation, gender identity, national origin, veteran or disability...
$134.5k - $265.1k
...Cyber Oracle Cloud Security Manager / Engineering Manager II Are you interested in working... ...that reduce risk and improve control effectiveness. In this role, you will lead Oracle Cloud security... ...multi-factor authentication, identity and access management, or data...Local areaVisa sponsorship- ...A typical day of a Security Engineer revolves around system changes, lifecycle of firewalls, and the user VPN environment. It is the responsibility... ...researching logs, reporting metrics, time reporting, Change Control records, production documentation, etc. Required...Long term contractContract workLocal areaRemote workNight shiftWeekend work
- ...shape a brighter way forward. Lead Operating Engineer - JLL What this job involves:... ...Serve as BMS Lead, overseeing operation, control strategies, optimization, troubleshooting... ...to keep your personal information secure with appropriate level of security and...Daily paidFull timeFor contractors
- ...Job Description Job Description The Lead Cost Engineer role is a senior position within the... ...engineering activities including cost control, forecasting, earned value management,... ...disability, sex, sexual orientation, gender identity or expression, age, national origin,...For contractorsFor subcontractorWork at officeLocal area
$80k - $90k
...will support multiple security initiatives... ...have a knowledge of cloud delivery, cloud service, leading security practices,... ...Azure Security Center. Identity & Access Management... ...Role-Based Access Control (RBAC), Multi-Factor... ...with senior security engineers. Network & Endpoint...Full time$102.17k
...Join the Trinnex Security Team as a Senior Cyber... ...security controls, identifying vulnerabilities... ...work closely with engineering and development... ...threats. Lead response efforts for... ...working within Google Cloud Platform (GCP), including... ..., gender identity or gender expression...H1b$120k - $150k
...practical roadmaps that improve security, reliability, and the end-... ...alongside sales and engineering teams, you lead structured discovery using... ...infrastructure, endpoint, cloud, identity, backup/DR, and security,... ...is subject to U.S. export control laws and regulations, including...Work at office- ...Provide technical guidance for a project team of 2-5 engineer Identify and assign tasks within the project team Lead customer meetings Assist with proposal... ...appropriate for the project Research and select controls hardware appropriate for the project Compile...
$80k - $150k
...Road, Brooklyn Ohio Job Summary The Lead Engineer lead and influence the design, delivery... ...and influences IT standards (e.g. info security, audit, compliance, etc.). Assists... ..., sex, sexual orientation, gender identity, national origin, age, genetic information...Temporary workWork experience placementWork at officeFlexible hours$170.6k - $390k
...career in information security! The... ...network security controls align with business... ...across on‑premises, cloud, and hybrid environments... ...in Cybersecurity Engineering, where you will... ...of threats while leading cross-departmental... ...orientation, gender identity/expression, pregnancy...Summer holidayRemote workFlexible hours$93k - $189k
...Cloud Engineering Manager The Cloud Engineering Manager provides... ...operating scalable, secure, and highly available... ...environments. Lead the design and review... ...teams to embed risk-based controls and compliance into cloud... ...networking, security, identity, and access management...Work at officeRemote workWork from homeFlexible hours- ...Team is seeking a dynamic team member to lead the Supply Chain Technical Team. Directs... ...SSIS packages, including ETL processes, control/data flow, error handling, and performance... ...age, national origin, disability, gender identity, genetic information, veteran status, or...Permanent employmentFull timeFor contractors
- ...are looking for a passionate and dedicated Process Mechanical Lead Engineer in one of our Ohio offices or Bingham Farms, MI office. As... ...domestic partner status, sexual orientation, gender, gender identity, gender expression and transgender status, mental disability...Work at officeRemote workWorldwide
$124k - $280k
...experiences you need to lead and deliver value at... ...Information Science, Computer Engineering, Information Technology... ...and Oracle Cloud Infrastructure Developing... ...orientation, and gender identity); age; disability; genetic... ...to establish a secure and trusted workplace for...Full timeH1b- ...A Brief Overview The Cyber Security engineer position will support multiple security initiatives involving design and implementation... ...information. May oversee internal or external systems security (e.g., cloud services). Interacts with business users and vendors to...Casual workNight shift
- Canonical is a leading provider of open source software and operating systems to... ...enterprise initiatives such as public cloud, data science, AI, engineering innovation, and IoT. Our customers... ...and better products. Whatever your identity, we will give your application fair...Work at officeRemote workWork from homeFlexible hours
- Systems Engineer page is loaded## Systems Engineerlocations... ...infrastructure and cloud environments. This... ...and ensure adherence to security procedures with... ...Active Directory domain controllers.* Support DNS and DHCP... ...sexual orientation, gender identity, marital status, or...Permanent employmentWork at officeLocal area
$140k - $200k
...office. These include frontend and backend engineers, AI research scientists, and others from Amazon, Microsoft, and Google, leading PhD programs like Stanford, high growth... ...of race, national origin, gender, gender identity, sexual orientation, protected veteran status...Work at officeRemote work$132.23k - $176.31k
...connected ecosystem. We enable secure, high‑performance connectivity across cloud, edge, and AI workloads for... ...skilled and proactive Senior Lead Site Reliability Engineer (SRE) to join our team, focusing... ..., sexual orientation, gender identity, gender expression, marital...Full timeTemporary workRemote work$142.6k - $261.5k
...designers, and software engineers enable our clients to... ...front end, back end, data, security etc.), all are... ...Development, you will lead the effective management... ...building and operating cloud infrastructure and Kubernetes... ...sexual orientation, gender identity/expression, pregnancy,...Summer holidayFlexible hours- ...You’ll be empowered to lead, supported to grow, and... ...transparency, efficiency, and control over the country’s... ...Procurement, Finance, Security, Architecture, and... ..., SAP, SaaS providers, cloud platforms) Demonstrated... ...to their- sex (gender identity, gender expression, sexual...Contract workTemporary work
$124.9k - $229.1k
...contract. For our Cloud Risk services, our... ...business internal control process; assisting... ...control and security engagements. Skills... ...regulatory standards. Lead risk discussions... ...information systems, engineering, or a related... ...orientation, gender identity/expression, pregnancy...Contract workSummer holidayWork at officeFlexible hours- Canonical Canonical is a leading provider of open source software and operating... ...enterprise initiatives such as public cloud, data science, AI, engineering innovation, and IoT. Our customers... ...and better products. Whatever your identity, we will give your application fair...Contract workWork at officeWork from homeWorldwideFlexible hours
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Lead Security Engineer, Identity & Cloud Controls. Be the first to apply!




