Lead Security Engineer, Identity & Cloud Controls

Lead Security Engineer, Identity & Cloud Controls responsible for designing, implementing, and governing identity and cloud security controls across IAM platforms, cloud services, and enterprise applications in a co-managed model with SEI Sphere MSSP. Role focuses on identity governance, access control enforcement, shadow IT reduction, and automation across security tooling. Key responsibilities include designing and implementing identity security controls (Microsoft Entra ID/Azure AD, Okta, CyberArk); developing and maintaining RBAC models and Conditional Access with MFA strategies; automating user lifecycle management and access reviews; configuring Defender, Purview, and data protection policies; governance of third-party app access and OAuth/API integrations; building automated security processes using PowerShell and Microsoft Graph API; ensuring alignment with SEC/FINRA regulatory requirements and supporting audits; driving security architecture and Zero Trust initiatives and contributing to security strategy and incident response readiness.