[Remote] Senior Microsoft Cloud Engineer - Data Sharing & B2B

Note: The job is a remote job and is open to candidates in USA. Applied Information Sciences (AIS) is a mission-driven company focused on making a difference through innovative projects. They are seeking a Senior Microsoft Cloud Engineer to lead the design, implementation, and optimization of secure external collaboration capabilities across the Microsoft cloud ecosystem.

Responsibilities

• Design, configure, and maintain Microsoft Entra B2B collaboration and cross-tenant access settings to support secure partner and guest access to enterprise applications, collaboration workloads, and external-facing business solutions
• Engineer and administer external identity controls including invitation workflows, trust settings, guest lifecycle processes, access reviews support, and secure onboarding/offboarding patterns for third-party users
• Design and implement security architecture for external access to SharePoint extranets, including authentication patterns, authorization boundaries, site and content protection models, sharing restrictions, and monitoring requirements
• Define and implement Microsoft Purview Information Protection controls including sensitivity labels, encryption, data handling rules, and integration points with DLP and collaboration workloads
• Design and implement Microsoft Purview Message Encryption and related encrypted mail protections for secure communication with external recipients, including policy-based encryption use cases and operational support models
• Design, test, and tune Conditional Access policies to govern external access based on user, device, application, session, location, risk, and authentication context, using phased rollout and validation practices
• Build secure access patterns for Power Platform applications, flows, and connectors through environment strategy, role design, data policies, connector governance, and identity controls
• Define and implement security controls for Power BI reports, dashboards, semantic models, workspaces, sharing models, and external consumption scenarios
• Partner with security, compliance, messaging, collaboration, and application teams to translate policy and regulatory requirements into enforceable cloud controls
• Produce architecture diagrams, standards, control narratives, engineering runbooks, and operational procedures for steady-state support

Skills

• 8+ years of experience in Microsoft cloud engineering, with substantial hands-on responsibility for Microsoft 365, Azure, and enterprise security controls
• 4+ years of direct experience designing and administering Microsoft Entra ID / Azure AD identity and access solutions
• Deep experience with Microsoft Entra External ID / B2B collaboration, cross-tenant access, external collaboration settings, guest access governance, and secure partner access models
• Strong experience implementing Microsoft Purview Information Protection capabilities, including sensitivity labels, encryption, and data protection policy integration
• Strong experience designing Microsoft Purview Message Encryption / OME solutions for secure external email exchange
• Proven experience designing and deploying Conditional Access policies in enterprise environments, including policy testing, exception handling, and access hardening
• Experience securing SharePoint Online sites and extranets for external access, including site permissions, sharing models, and information protection considerations
• Experience implementing governance and security controls for Power Platform, including environment strategy, roles, and data policies
• Experience securing Power BI platforms, including workspace governance, dataset security, sharing controls, and report access design
• Experience in highly regulated environments such as defense, government, healthcare, financial services, or other compliance-driven enterprises
• Experience supporting security assessments, accreditation packages, or control inheritance models
• Familiarity with Microsoft Defender, audit logging, insider risk considerations, and monitoring of collaboration and sharing events
• Experience with DevOps, infrastructure as code, or scripted administration using PowerShell, Microsoft Graph, or automation tooling
• Microsoft certifications in areas such as Microsoft Entra, Microsoft 365 Security, Azure Security, or Purview

Benefits

• Employee Ownership: Your contributions directly impact the company’s success, and you share in its achievements.
• Continuous Learning: Access to resources, training, and mentorship to support your professional growth.
• Inclusive Culture: A workplace where diversity is celebrated, and everyone’s voice is valued.
• Mission-Driven Work: Engage in projects that make a meaningful difference for our clients and communities.
• Flexible - We offer flexibility in how you work. This role is remote eligible with the flexibility to work hybrid or in-office from our Reston, VA headquarters if you're local and prefer an office environment.

Company Overview

Company H1B Sponsorship