The role owns KPA's cloud infrastructure, security platforms, and identity management while leading technical modernization initiatives. It involves managing enterprise security tools, automating engineering processes, and ensuring SOC 2 compliance.
Position Description:
The Senior Cloud & Security Engineer to serve as the senior technical counterpart to the Director of Security & Technology. This role owns KPA's cloud infrastructure, security platforms, identity, automation, and technical modernization initiatives. The ideal candidate is a hands-on engineer with strong cloud and systems experience, a security-first mindset, and the ability to independently lead complex technical projects that improve KPA's security, scalability, and operational maturity.
\n
Responsibilities:Security Engineering
- Own KPA's enterprise security platforms including CrowdStrike, Rapid7, Cisco Umbrella, Cisco Duo and related technologies.
- Lead vulnerability management & remediation, endpoint security, identity security, privileged access, penetration testing, and security hardening initiatives.
- Investigate and respond to complex security incidents while partnering with the IT Operations team on security and infrastructure escalations.
- Own the technical implementation and ongoing operation of infrastructure-related SOC 2 controls and security audit related requirements.
- Continuously evaluate new technologies and recommend improvements that strengthen KPA's overall security posture.
Cloud, Identity & Systems Engineering
- Own Microsoft 365, Entra ID, Exchange Online, Exchange Hybrid modernization, identity architecture, and endpoint management.
- Own Azure infrastructure and AWS workloads outside the DevOps application stack. Partner with DevOps where needed as there is a natural crossover between them and this position.
- Own Cisco Meraki networking, VPN infrastructure, and cloud connectivity.
- Lead technical initiatives including cloud modernization, email domain consolidation, phone system replacement, identity modernization, and enterprise platform upgrades.
Automation, Projects & Technical Leadership
- Lead complex security and cloud projects from planning through implementation and post-change validation.
- Build automation using PowerShell, Microsoft Graph, REST APIs, and leverage AI-assisted development and automation to improve engineering efficiency and reduce manual effort.
- Produce clear technical documentation, implementation plans, rollback procedures, and operational handoffs.
- Proactively identify technical debt, security gaps, and opportunities to improve efficiency through automation and modernization.
Qualifications:
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or equivalent experience.
- 7+ years of experience in cloud infrastructure, systems engineering, security engineering, or a related senior technical role.
- Strong experience administering Microsoft 365, Entra ID, Azure, Windows Server, Exchange Online, and hybrid identity.
- Experience with enterprise security platforms such as CrowdStrike, Rapid7, Cisco Umbrella, Duo, or equivalent technologies.
- Strong understanding of identity, networking, endpoint management, vulnerability management, and Zero Trust security principles.
- Experience supporting SOC 2 or similar compliance frameworks.
- Relevant certifications such as Microsoft AZ-104, AZ-500, MS-102, SC-300, CompTIA Security+, CISSP, or equivalent certifications are preferred.
- Excellent communication, documentation, project management, and problem-solving skills.
Success Criteria:
- Work ethic that aligns with KPA's core values:
- Trust: earning trust through integrity, expertise, and acting in the client's best interest.
- Innovation: continuously seeking out ways to better serve clients.
- Excellence: holding ourselves to high standards in everything we do.
- Results: moving with purpose to deliver meaningful outcomes.
- Provides technical leadership, sound architectural recommendations, and trusted engineering expertise across cloud, infrastructure, and security initiatives.
- Successfully leads cloud modernization and technical security initiatives that improve KPA's security, scalability, and operational maturity.
- Owns and continually improves enterprise security platforms and technical security controls.
- Delivers complex technical projects with strong planning, communication, documentation, testing, and post-implementation validation.
- Reduces manual effort through automation and modern engineering practices.
- Serves as the senior escalation point for complex cloud, infrastructure, and security issues.
- Partners effectively with IT Operations and DevOps to ensure new technologies transition smoothly into day-to-day operations.
Physical Requirements:
Physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Working at a computer typing and view a screen - Constantly
- Stationary sitting or standing - Constantly
- Visual Recognition - Constantly
- Hearing/Listening - Occasionally
- Communicating verbally and/or in writing - Occasionally
- Travel - Seldom
Compensation:
- Annual base salary range between $110-125k commensurate with experience.
- Bonus potential of 10% annually
\n