Senior Microsoft Security Cloud Engineer.
State of Colorado · Denver, CO
- On site
- Full-time
- $100,000 / year
- Denver, CO
Job highlights
- Secure the university's Microsoft cloud environment.
- Manage Microsoft 365 security monitoring.
- Administer Microsoft Purview for data governance.
- Implement security policies in M365/Azure.
- Collaborate with campus security teams.
About the role
About the University of Colorado System Administration
The System Administration office at the University of Colorado is dedicated to building a workplace where everyone feels valued, supported, and empowered to thrive. Our office is committed to fostering a culture where employees find community, a sense of belonging, and the opportunity to contribute meaningfully to our mission and purpose.
By joining our team, you’ll have a direct impact on shaping the future of higher education. In addition to the Office of the Board of Regents, the University of Colorado’s system administration includes 19 units that provide essential services to CU’s campuses in Aurora, Boulder, Colorado Springs, and Denver, as well as the Office of the President. While not a part of any one campus, we are proud to serve in the centralized office for the University system. Together, we ensure CU continues to deliver outstanding education, groundbreaking research, and valuable service to our communities.
We believe in creating an environment where the unique experiences and perspectives of everyone are embraced, enriching the work we do and the strategic outcomes we pursue. If you’re passionate about making a difference, contributing to a dynamic team, and supporting a mission that matters, we encourage you to apply and be part of our journey. Learn more about CU System Administration.
Position Summary
The University of Colorado System Administration office, located in Denver, brings together administrative departments and service centers that provide guidance and services to all of CU's campuses. University Information Services (UIS) provides technical services and enterprise applications to the University of Colorado’s (CU) four campuses and the Office of the President. UIS is committed to excellence in customer service, technical expertise, and the development of enterprise applications responsible for supporting CU’s students, faculty, staff, and others. The Office of Information Security (OIS) supports the activities of System Administration through a collaborative security process.
The Senior Microsoft Cloud Security Engineer plays a key role in the University of Colorado’s information security operations, focused on collaboratively securing the university’s Microsoft cloud environment. This role includes managing Microsoft 365 security monitoring and incident response, administering and configuring Microsoft Purview for data governance, and implementing security policies and controls across Microsoft 365 and Azure environments.
Working within the Office of Information Security at System Administration and in collaboration with campus Information Security teams, this role ensures the effective protection of university data and services by supporting enterprise-level cloud security strategies. The engineer will also collaborate with IT teams across campuses to apply best practices, support incident investigations, and maintain compliance with regulatory and institutional standards (e.g., GLBA, FERPA, HIPAA, NIST).
This position reports to the System ISO and is exempt from the State of Colorado Classified System.
Where You Will Work
This role is eligible to work remotely within Colorado.
Description Of Job
Duties and Responsibilities:
Microsoft 365 Security Monitoring & Response
- Monitor and respond to alerts in Microsoft Defender XDR, Microsoft Sentinel, and related tools.
- Investigate security incidents and coordinate response and remediation activities.
- Tune alerting systems to reduce false positives and improve threat detection.
Microsoft Cloud Security Configuration & Administration
- Administer and configure security settings across Microsoft 365 and Azure AD.
- Collaborate with IAM and infrastructure teams to ensure secure access and authentication configurations, including conditional access policies, MFA, and identity protection.
- Maintain secure configuration baselines for Microsoft cloud services.
Microsoft Purview & Compliance Management
- Configure and manage Microsoft Purview for data loss prevention (DLP), data classification, and compliance policies.
- Assist units in understanding and applying data governance and protection policies.
- Provide support for compliance assessments, and data privacy reviews.
Security Consulting & Documentation
- Serve as a subject matter expert on Microsoft cloud security for other IT teams and campus stakeholders.
- Develop and maintain documentation of security policies, procedures, configurations, and standards.
- Support security awareness and training efforts related to cloud technologies.
- Work with campus IT and security teams to align Microsoft security practices with institutional goals.
Minimum Qualifications
Bachelor’s degree from an accredited institution of higher education or equivalent professional experience (professional experience may be substituted on a year-for-year basis). Three (3) years of experience managing or securing Microsoft 365 or Azure environments.
Preferred Qualifications
Five (5) years of experience as described above. Experience in information security operations activities. Experience managing Microsoft Defender, Sentinel, and/or Purview in an enterprise environment. Completion of one or more certifications such as Microsoft SC-200, SC-300, AZ-500, or equivalent. Experience working in higher education or the public sector. Experience supporting compliance with GLBA, FERPA, HIPAA, or other regulatory frameworks.
Knowledge, Skills, And Abilities
- In-depth knowledge of Microsoft 365 and Azure security features and administrative portals (e.g., Defender XDR, Purview, Intune).
- Understanding of identity and access management principles, especially as applied to Azure AD.
- Understanding of hybrid on-premise/cloud Microsoft environments.
- Familiarity with data governance and compliance requirements (e.g., FERPA, GLBA, HIPAA, NIST frameworks).
- Skill in analyzing and responding to security incidents and events.
- Ability to configure and manage cloud-native security controls and compliance tools.
- Strong written and verbal communication skills across technical and non-technical audiences.
- Ability to collaborate with cross-functional teams in a distributed IT environment.
Key skills/competency
- Microsoft 365 Security
- Cloud Security Engineering
- Incident Response
- Microsoft Azure
- Microsoft Defender XDR
- Microsoft Sentinel
- Microsoft Purview
- Data Loss Prevention (DLP)
- Identity and Access Management (IAM)
- Compliance Management
Skills & topics
- Microsoft 365 Security
- Cloud Security Engineer
- Information Security
- Incident Response
- Microsoft Azure
- Microsoft Sentinel
- Microsoft Purview
- Data Loss Prevention
- Identity and Access Management
- Compliance
- Higher Education
- Remote
How to get hired
- Tailor your resume: Highlight experience in Microsoft 365, Azure, security monitoring, and incident response.
- Craft a compelling cover letter: Directly address the minimum qualifications and showcase your passion for higher education security.
- Prepare for technical questions: Brush up on Microsoft Defender XDR, Sentinel, Purview, and Azure AD security.
- Demonstrate collaboration skills: Be ready to discuss how you work with cross-functional teams.
- Highlight relevant certifications: Mention any Microsoft security certifications (SC-200, SC-300, AZ-500) or compliance experience.
Technical preparation
Behavioral questions
Frequently asked questions
- What are the key responsibilities for a Senior Microsoft Security Cloud Engineer at the University of Colorado?
- As a Senior Microsoft Security Cloud Engineer at the University of Colorado, you will be responsible for collaboratively securing the university's Microsoft cloud environment. This includes managing Microsoft 365 security monitoring and incident response, administering Microsoft Purview for data governance, and implementing security policies across Microsoft 365 and Azure environments. You'll also collaborate with IT teams to apply best practices, support incident investigations, and ensure compliance with regulatory standards.
- What specific Microsoft technologies are essential for this Senior Microsoft Security Cloud Engineer role?
- This role requires in-depth knowledge of Microsoft 365 and Azure security features and administrative portals, specifically Microsoft Defender XDR, Microsoft Purview, and Intune. Experience with Azure AD, including identity and access management principles and conditional access policies, is also crucial. Familiarity with hybrid on-premise/cloud Microsoft environments is beneficial.
- Does the University of Colorado offer remote work for the Senior Microsoft Security Cloud Engineer position?
- Yes, the Senior Microsoft Security Cloud Engineer position is eligible to work remotely within the state of Colorado. This provides flexibility for qualified candidates located within the state.
- What are the minimum educational and experience requirements for the Senior Microsoft Security Cloud Engineer job?
- The minimum qualifications include a Bachelor’s degree from an accredited institution or equivalent professional experience. You'll also need at least three (3) years of experience managing or securing Microsoft 365 or Azure environments.
- How can I increase my chances of getting hired for the Senior Microsoft Security Cloud Engineer role at the University of Colorado?
- To improve your chances, tailor your resume to highlight specific experience with Microsoft security tools like Defender XDR, Sentinel, and Purview. A strong cover letter that addresses the minimum qualifications and demonstrates your passion for higher education and security is also recommended. Having relevant Microsoft certifications can further strengthen your application.
- What kind of compliance experience is valuable for this Senior Microsoft Security Cloud Engineer position?
- Experience supporting compliance with regulatory frameworks such as GLBA, FERPA, HIPAA, and NIST is highly valued for this role. Familiarity with data governance and compliance requirements is essential for managing Microsoft Purview and ensuring data protection policies are met.