Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Lead Security Engineer, Identity & Cloud Controls

Stratos

Lead Security Engineer, Identity & Cloud Controls Location: Beachwood, OH (Hybrid) Reports To: Director of IT We are seeking a highly experienced Lead Security Engineer to serve as the primary technical authority for security engineering, identity governance, and cloud control enforcement across our organization. This is a high-impact, senior role responsible for designing and implementing modern security controls in a cloud-first environment, while working in close partnership with a managed security provider (SEI Sphere) that oversees monitoring and response operations. Position Summary The Lead Security Engineer, Identity & Cloud Controls serves as the organization’s primary technical security authority, responsible for designing, implementing, and governing security controls across identity platforms, cloud services, and enterprise applications. Operating within a co-managed security model alongside SEI Sphere (MSSP), this role focuses on internal control design, enforcement, and integration—ensuring security policies are effectively translated into technical controls that are operational, measurable, and audit-ready. This position plays a critical role in strengthening identity governance, reducing unauthorized application risk, improving access control consistency, and enabling automation across the security ecosystem. Key Responsibilities Identity & Access Management (Primary Focus) Design and implement identity security controls across: Microsoft Entra ID (Azure AD) Okta CyberArk (Privileged Access Management) Develop and Maintain: Role-based access control (RBAC) models Conditional Access policies and MFA strategies Lead implementation and automation of: User lifecycle management (joiner/mover/leaver) Periodic access reviews and certifications Identify and remediate excessive permissions, orphaned accounts, and privilege escalation risks Cloud & Microsoft Security Platform Ownership Configure and optimize: Microsoft Defender (Endpoint, Office 365, Cloud Apps) Microsoft Purview (DLP, sensitivity labeling, data protection controls) Ensure alignment of identity, endpoint, and data protection policies Translate security policies into enforceable technical configurations Application Governance & Shadow IT Control Implement controls to detect and manage unauthorized applications and SaaS usage Govern third-party app access, including OAuth and API integrations Establish application onboarding and risk review processes Reduce shadow IT exposure while balancing business usability Security Automation & Integration Design and implement automated security processes using: PowerShell, Microsoft Graph API, and other automation tools Automate: Access provisioning and deprovisioning Policy enforcement and reporting Integrate security tools to ensure consistent control application across platforms MSSP (SEI Sphere) Integration & Oversight Serve as the primary internal technical liaison with SEI Sphere Ensure proper integration of identity, application, and cloud telemetry into MSSP monitoring Validate detection coverage, escalation processes, and response coordination Identify and remediate gaps between internal controls and MSSP visibility Compliance, Audit & Governance Translate SEC / FINRA regulatory requirements into technical controls Maintain control mappings and generate audit evidence Support internal and external audits, assessments, and regulatory reviews Contribute to vendor due diligence and technical risk evaluations Actively participate in the organization’s GRC Committee Security Architecture & Strategy Serve as the primary internal SME for security engineering and architecture decisions Contribute to long-term security strategy, including identity-first and Zero Trust initiatives Provide recommendations for platform improvements and future-state capabilities Why This Role Matters This role is critical to advancing our security maturity by focusing on what matters most: Identity and access control Application governance Control enforcement and automation Bridging internal security engineering with external security operations You’ll have the opportunity to shape the security architecture, influence strategy, and build scalable solutions that directly reduce risk across the organization. Work Environment Hybrid work model Direct collaboration with IT leadership and cross-functional teams High visibility role with impact across technology, compliance, and operations Required Qualifications 7–10+ years in cybersecurity engineering or architecture roles Deep hands‑on expertise with: Microsoft Entra ID (Azure AD), Conditional Access, identity governance Okta (SSO, federation, lifecycle management) Microsoft Defender suite and security ecosystem Proven experience implementing or managing: Privileged Access Management (CyberArk strongly preferred) Access control models and governance frameworks Strong scripting and automation skills (PowerShell required) Experience integrating security tools and platforms across cloud environments Familiarity with MSSP/SOC operating models Experience in regulated environments (FINRA, SEC, or equivalent) Ability to translate policy and regulatory requirements into technical control implementations Preferred Qualifications Experience with Microsoft Purview (DLP, labeling, insider risk) Experience with Defender for Cloud Apps or CASB technologies Familiarity with API‑based integrations and automation Background in financial services or highly regulated industries #J-18808-Ljbffr Stratos

Vacancy posted 3 days ago
Similar jobs that could be interesting for youBased on the Lead Security Engineer, Identity & Cloud Controls in Beachwood, OH vacancy
  • Stratos is seeking a Lead Security Engineer for Identity & Cloud Controls in Beachwood, OH. This senior position involves designing security controls, implementing identity governance, and managing cloud services with a strong focus on automation. The ideal candidate will... 
    Suggested

    Stratos

    Beachwood, OH
    3 days ago
  • $134.26k - $248.39k

     ...Job Description As a Lead Substation Protection & Control (P&C), you’ll play a key role...  ...control systems, mentor junior engineers, and collaborate directly...  ..., fire alarm, and security systems. Contribute thought...  ...orientation, gender identity or gender expression), national... 
    Suggested

    ATLVets Inc.

    Cleveland, OH
    1 day ago
  •  ...Impact The Senior Security Engineer is accountable for designing...  ...premises, hybrid, and cloud platforms. The role...  ..., operational controls, and risk-based decision...  ...security domains, including identity and access management,...  ...Security Engineer leads and oversees security... 
    Suggested
    Full time
    Work at office
    Worldwide
    Flexible hours

    Lubrizol

    Wickliffe, OH
    4 days ago
  •  ...Senior Security Engineer As BWE's Senior Security Engineer, your role...  ...hands-on implementation across identity, Azure, endpoint, and...  ...Microsoft identity, endpoint, and cloud security tools. Evaluate...  ...management with identity and access controls. Improve monitoring,... 
    Suggested

    BWE , Inc.

    Cleveland, OH
    3 days ago
  • $40 - $48 per hour

     ...Description We are seeking a Junior Cloud Security Engineer (Azure) to support a Security Defense...  ..., sexual orientation, gender identity, genetic information or any characteristic...  ...TEKsystems Global Services We’re a leading provider of business and technology services... 
    Suggested
    Contract work
    Temporary work
    3 days per week

    TEKsystems

    Cleveland, OH
    1 day ago
  • $100k - $120k

    Tata Consultancy Services Limited is seeking an Application Security Engineer to assist with design, implementation, and support related to application security workflows. This role requires a Bachelor’s degree and 8 to 10 years of relevant experience. The position offers... 

    Tata Consultancy Services

    Cleveland, OH
    3 days ago
  •  ...performance, and collaboration within a global engineering environment. In This Role, You Will...  ...modern software development and source control practices Possesses strong analytical...  ..., sex, sexual orientation, gender identity, national origin, veteran or disability... 

    FILTEC

    Solon, OH
    4 days ago
  • $134.5k - $265.1k

     ...Cyber Oracle Cloud Security Manager / Engineering Manager II Are you interested in working...  ...that reduce risk and improve control effectiveness. In this role, you will lead Oracle Cloud security...  ...multi-factor authentication, identity and access management, or data... 
    Local area
    Visa sponsorship

    Deloitte

    Cleveland, OH
    6 hours ago
  •  ...A typical day of a Security Engineer revolves around system changes, lifecycle of firewalls, and the user VPN environment. It is the responsibility...  ...researching logs, reporting metrics, time reporting, Change Control records, production documentation, etc. Required... 
    Long term contract
    Contract work
    Local area
    Remote work
    Night shift
    Weekend work

    My3Tech Inc

    Cleveland, OH
    1 day ago
  •  ...shape a brighter way forward. Lead Operating Engineer - JLL What this job involves:...  ...Serve as BMS Lead, overseeing operation, control strategies, optimization, troubleshooting...  ...to keep your personal information secure with appropriate level of security and... 
    Daily paid
    Full time
    For contractors

    *US AMR-Jones Lang LaSalle Americas, Inc.

    Highland Heights, OH
    15 hours ago
  •  ...Job Description Job Description The Lead Cost Engineer role is a senior position within the...  ...engineering activities including cost control, forecasting, earned value management,...  ...disability, sex, sexual orientation, gender identity or expression, age, national origin,... 
    For contractors
    For subcontractor
    Work at office
    Local area

    Nexus Engineering Group

    Cleveland, OH
    20 days ago
  • $80k - $90k

     ...will support multiple security initiatives...  ...have a knowledge of cloud delivery, cloud service, leading security practices,...  ...Azure Security Center. Identity & Access Management...  ...Role-Based Access Control (RBAC), Multi-Factor...  ...with senior security engineers. Network & Endpoint... 
    Full time

    Insight Global

    Cleveland, OH
    10 hours ago
  • $102.17k

     ...Join the Trinnex Security Team as a Senior Cyber...  ...security controls, identifying vulnerabilities...  ...work closely with engineering and development...  ...threats. Lead response efforts for...  ...working within Google Cloud Platform (GCP), including...  ..., gender identity or gender expression... 
    H1b

    Trinnex

    Cleveland, OH
    4 days ago
  • $120k - $150k

     ...practical roadmaps that improve security, reliability, and the end-...  ...alongside sales and engineering teams, you lead structured discovery using...  ...infrastructure, endpoint, cloud, identity, backup/DR, and security,...  ...is subject to U.S. export control laws and regulations, including... 
    Work at office

    Impact Networking

    Independence, OH
    1 day ago
  •  ...Provide technical guidance for a project team of 2-5 engineer Identify and assign tasks within the project team Lead customer meetings Assist with proposal...  ...appropriate for the project Research and select controls hardware appropriate for the project Compile... 

    In-finite Search Solutions

    Cleveland, OH
    19 days ago
  • $80k - $150k

     ...Road, Brooklyn Ohio Job Summary The Lead Engineer lead and influence the design, delivery...  ...and influences IT standards (e.g. info security, audit, compliance, etc.). Assists...  ..., sex, sexual orientation, gender identity, national origin, age, genetic information... 
    Temporary work
    Work experience placement
    Work at office
    Flexible hours

    Key Bank

    Cleveland, OH
    3 days ago
  • $170.6k - $390k

     ...career in information security! The...  ...network security controls align with business...  ...across on‑premises, cloud, and hybrid environments...  ...in Cybersecurity Engineering, where you will...  ...of threats while leading cross-departmental...  ...orientation, gender identity/expression, pregnancy... 
    Summer holiday
    Remote work
    Flexible hours

    EY

    Cleveland, OH
    3 days ago
  • $93k - $189k

     ...Cloud Engineering Manager The Cloud Engineering Manager provides...  ...operating scalable, secure, and highly available...  ...environments. Lead the design and review...  ...teams to embed risk-based controls and compliance into cloud...  ...networking, security, identity, and access management... 
    Work at office
    Remote work
    Work from home
    Flexible hours

    Huntington

    Cleveland, OH
    6 hours ago
  •  ...Team is seeking a dynamic team member to lead the Supply Chain Technical Team. Directs...  ...SSIS packages, including ETL processes, control/data flow, error handling, and performance...  ...age, national origin, disability, gender identity, genetic information, veteran status, or... 
    Permanent employment
    Full time
    For contractors

    Parker Hannifin Corporation

    Cleveland, OH
    1 day ago
  •  ...are looking for a passionate and dedicated Process Mechanical Lead Engineer in one of our Ohio offices or Bingham Farms, MI office. As...  ...domestic partner status, sexual orientation, gender, gender identity, gender expression and transgender status, mental disability... 
    Work at office
    Remote work
    Worldwide

    Jacobs

    Cleveland, OH
    1 day ago
  • $124k - $280k

     ...experiences you need to lead and deliver value at...  ...Information Science, Computer Engineering, Information Technology...  ...and Oracle Cloud Infrastructure Developing...  ...orientation, and gender identity); age; disability; genetic...  ...to establish a secure and trusted workplace for... 
    Full time
    H1b

    PwC

    Cleveland, OH
    5 days ago
  •  ...A Brief Overview The Cyber Security engineer position will support multiple security initiatives involving design and implementation...  ...information. May oversee internal or external systems security (e.g., cloud services). Interacts with business users and vendors to... 
    Casual work
    Night shift

    University Hospitals

    Shaker Heights, OH
    4 days ago
  • Canonical is a leading provider of open source software and operating systems to...  ...enterprise initiatives such as public cloud, data science, AI, engineering innovation, and IoT. Our customers...  ...and better products. Whatever your identity, we will give your application fair... 
    Work at office
    Remote work
    Work from home
    Flexible hours

    Canonical

    Cleveland, OH
    1 day ago
  • Systems Engineer page is loaded## Systems Engineerlocations...  ...infrastructure and cloud environments. This...  ...and ensure adherence to security procedures with...  ...Active Directory domain controllers.* Support DNS and DHCP...  ...sexual orientation, gender identity, marital status, or... 
    Permanent employment
    Work at office
    Local area

    Materion

    Cleveland, OH
    1 day ago
  • $140k - $200k

     ...office. These include frontend and backend engineers, AI research scientists, and others from Amazon, Microsoft, and Google, leading PhD programs like Stanford, high growth...  ...of race, national origin, gender, gender identity, sexual orientation, protected veteran status... 
    Work at office
    Remote work

    Speechify

    Cleveland, OH
    2 days ago
  • $132.23k - $176.31k

     ...connected ecosystem. We enable secure, high‑performance connectivity across cloud, edge, and AI workloads for...  ...skilled and proactive Senior Lead Site Reliability Engineer (SRE) to join our team, focusing...  ..., sexual orientation, gender identity, gender expression, marital... 
    Full time
    Temporary work
    Remote work

    Lumen

    Cleveland, OH
    15 hours ago
  • $142.6k - $261.5k

     ...designers, and software engineers enable our clients to...  ...front end, back end, data, security etc.), all are...  ...Development, you will lead the effective management...  ...building and operating cloud infrastructure and Kubernetes...  ...sexual orientation, gender identity/expression, pregnancy,... 
    Summer holiday
    Flexible hours

    EY

    Cleveland, OH
    2 days ago
  •  ...You’ll be empowered to lead, supported to grow, and...  ...transparency, efficiency, and control over the country’s...  ...Procurement, Finance, Security, Architecture, and...  ..., SAP, SaaS providers, cloud platforms) Demonstrated...  ...to their- sex (gender identity, gender expression, sexual... 
    Contract work
    Temporary work

    Dormont Manufacturing Co

    Cleveland, OH
    1 day ago
  • $124.9k - $229.1k

     ...contract. For our Cloud Risk services, our...  ...business internal control process; assisting...  ...control and security engagements. Skills...  ...regulatory standards. Lead risk discussions...  ...information systems, engineering, or a related...  ...orientation, gender identity/expression, pregnancy... 
    Contract work
    Summer holiday
    Work at office
    Flexible hours

    EY

    Cleveland, OH
    3 days ago
  • Canonical Canonical is a leading provider of open source software and operating...  ...enterprise initiatives such as public cloud, data science, AI, engineering innovation, and IoT. Our customers...  ...and better products. Whatever your identity, we will give your application fair... 
    Contract work
    Work at office
    Work from home
    Worldwide
    Flexible hours

    Canonical

    Cleveland, OH
    15 hours ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Lead Security Engineer, Identity & Cloud Controls. Be the first to apply!