Job Description

Position   Summary

The AI/Cloud Security Engineer is responsible for implementing, configuring, and maintaining cloud security tools that protect MedReview's cloud and AI infrastructure. This role will monitor and analyze security events, identify vulnerabilities, and implement security controls across Microsoft Azure and Microsoft 365 environments. The engineer will work closely with the security and infrastructure teams to ensure the organizations cloud and AI platforms remain secure, compliant, and resilient. 

This role is onsite Monday-Thursday and remote on Fridays.  You will not be considered for this role if you do not live in the NYC Tri-State area. 

Non-Negotiable Requirements (Must-Have Experience) 
Candidates without the experience below will not be considered.

• Hands-on experience leveraging AI and machine learning technologies to enhance network or cloud security 
• Strong experience with Microsoft Purview (Data Governance/Data Loss Prevention) 
• Experience implementing and managing Microsoft Entra Internet Access/Entra security controls 
• Experience with Microsoft 365 Compliance Center and Security Center 
• Experience securing Microsoft Azure cloud environments 

Job   Responsibilities :  

• Standardize and implement Azure cloud security best practices, processes, and procedures across the organization. 
• Design, deploy, and optimize AI-driven security models to detect malicious traffic, lateral movement, and emerging threats. 
• Utilize AI and machine learning-driven security tools for anomaly detection, behavioral analysis threat intelligence correlation, and bias testing. 
• Integrate and manage AI-enabled security platforms, including SIEM, SOAR, NDR, and XDR solutions, to automate threat detection and incident response. 
• Identify and mitigate adversarial AI risks, including model poisoning, evasion attacks, and data integrity threats.
• Leverage AI technologies to reduce false positives, prioritize alerts, and improve Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR). 
• Implement and manage Microsoft Purview security and compliance capabilities, including Data Loss Prevention (DLP), auditing and governance controls. 
• Configure and support Microsoft Entra Internet Access, Entra Private Access, and Global Secure Access to strengthen identity and network security. 
• Manage and maintain Microsoft 365 Compliance and Security Center Controls.
• Collaborate with cross-functional teams to develop and document security standards, policies and best practices. 
• Identify gaps in the organization's security posture and recommend new security tools, controls, and implementation strategies. 
• Monitor cloud infrastructure for security incidents, breaches, and vulnerabilities, and lead incident response investigations. 
• Conduct root cause analysis (RCA) following security incidents and support remediation efforts. 
• Participate in security tabletop exercises and incident response preparedness initiatives. 

Required Experience: 

• 5-10 years of hands-on experience in Cloud Information Security and Cloud Security Engineering 
• Experience implementing security controls across Azure cloud infrastructure 
• Strong experience with identity and Access Management (IAM) and Role-Based Access control (RBAC) 
• Hands-on experience with Microsoft Purview security and compliance capabilities
• Experience monitoring cloud infrastructure and systems for security threats, breaches, and vulnerabilities
• Experience working with Security Operations (SOC) teams to investigate and remediate incidents
• Experience documenting security tools, system configurations, incident investigations, and remediation actions

Preferred Experience:

• Experience applying AI or machine learning technologies within security environments
• Experience in healthcare or other regulated industries 
• Familiarity with security frameworks and regulations such as HIPPA, HITRUST, ISO 27001, ISO 27002, NIST, CMS, or URAC 

Certifications (Preferred):

• CISSP
• CISM
• CISA
• CCSP
• Microsoft Azure Security Engineer Associate 
• Other relevant cloud or cybersecurity certifications 

Additional Requirements: 

• Ability to communicate technical information clearly to both technical and non-technical stakeholders
• Participation in on-call rotation and availability during incident response situations 
• Ability to work evenings or weekends during critical outages or security incidents 

Job Tags

Full time, Live in, Remote work, Weekend work, Afternoon shift

Similar Jobs