Job Description
Microsoft Cloud Operations Engineer
Provide advanced engineering, operational, and advisory support for a U.S. Government Agency's Microsoft cloud environments, including Microsoft 365, Azure, and Microsoft Security platforms.
The scope of work includes, but is not limited to, the following activities:
Microsoft Cloud Platform Engineering: Design, implement, operate, and optimize Microsoft 365, Azure, and Microsoft Security services to ensure reliability, scalability, and performance in support of a U.S. Government Agency's mission requirements.
Security Architecture & Compliance: Implement and maintain cloud security controls aligned with NIST SP 800-53, NIST SP 800-207 (Zero Trust Architecture), and FedRAMP Moderate requirements, including continuous monitoring, risk mitigation, and security posture management.
Identity & Access Management: Administer and secure identity services using Microsoft Entra ID, Conditional Access, privileged access controls, and least-privilege models in accordance with Zero Trust principles and Microsoft best practices.
Collaboration & Messaging Services: Manage and support Exchange Online, Teams, SharePoint Online, and related collaboration services, ensuring availability, security, and compliance with organizational policies.
Azure Infrastructure & Development Support: Provide engineering support for Azure infrastructure, networking, and application workloads, including configuration, maintenance, troubleshooting, and integration with on-premises or hybrid environments as applicable.
Security Operations Enablement: Configure and manage Microsoft Defender, Purview, and related security platforms to support threat protection, data governance, information protection, and incident response readiness.
Change Management & Documentation: Support formal change management processes, maintain technical documentation, and contribute to standard operating procedures to ensure transparency, traceability, and operational continuity.
Advisory & Technical Leadership: Serve as a senior technical advisor to a U.S. Government Agency's stakeholders, collaborating with network, cybersecurity, and cloud teams to resolve complex issues, improve architecture, and support audits, assessments, and compliance reviews.
,
Required Skills
Demonstrated ability to provide senior-level technical leadership and independent operational support for enterprise Microsoft cloud environments, including Microsoft 365, Azure, and Microsoft Security platforms. This includes proof of currently maintained Microsoft certifications in all related areas for a period no less than 5 years.
Required Skills with some of the following:
Proven expertise in designing, implementing, operating, and optimizing Microsoft cloud services to ensure high availability, scalability, performance, and mission alignment.
Ability to implement and maintain cloud security architectures aligned with NIST SP 800-53, NIST SP 800-207 (Zero Trust Architecture), and FedRAMP Moderate requirements, including continuous monitoring, risk mitigation, and security posture management.
Advanced ability to fully implement and manage a hybrid Active Directory Microsoft M365 and Entra environment implementing the tiered security standards defined by Microsoft’s security framework.
Proven experience creating and managing all aspects of Windows, MacOS, and Apple iOS devices in Intune including compliance and policy delivery.
Proven experience creating and managing Autopilot delivery of operating system images and use of policy and on-demand delivery of software using Intune for environments of at least 700 endpoints.
Practical experience locking down remote PowerShell access for administrative tasks in Entra and Azure across all related APIs to allow necessary administration including headless Exchange Online mailbox provisioning, SharePoint custom user profile field imports, and all Microsoft Graph related access.
Advanced proficiency in identity and access management, including Microsoft Entra ID, Conditional Access, privileged access management, and least-privilege access models, including the implementation and minimal impact transition between MFA providers, implementation of 3rd party MFA as an Entra provider, and implementation of Smart Card and FIDO based key authentication methods across Windows and MacOS systems.
Experience managing and supporting collaboration and messaging services, including Exchange Online, Microsoft Teams, SharePoint Online, and related Microsoft 365 workloads.
Capability to provide Azure infrastructure and application support, including cloud networking, workload configuration, maintenance, troubleshooting, and hybrid integration where applicable.
Hands-on experience configuring and managing Microsoft security platforms, including Defender, Sentinel, and Purview, to support threat protection, data governance, information protection, and incident response readiness.
Demonstrated ability to manage and configure data sources feeding into Microsoft Sentinel including ongoing health reporting and alerting on ingest log data quality.
Ability to support and comply with formal change management processes, produce and maintain technical documentation, training materials, and contribute to standard operating procedures.
Demonstrated capacity to act as a senior technical advisor, collaborating with engineering teams to resolve complex technical issues and support audits, assessments, and compliance reviews.
Ability to perform duties with minimal supervision, exercising sound independent judgment and technical authority in maintaining a secure, resilient, and compliant Microsoft cloud environment.
Implement automated reporting and dashboard creation using Power BI and other Microsoft tools. Reporting must include systems health monitoring, compliance reports, current spend and forecasted spend reports, and utilization reports across all aspects of a U.S. Government Agency's Microsoft cloud infrastructure.
Must have proven experience setting up spending budget configurations in Azure including alerting and reporting for potential overages against budgets that allow 90 days lead time to allow decision time for appropriate actions including either reduction in usage to avoid overages or acquisition and allocation of increased funding.
Must possess some of the following certifications:
Microsoft 365 Certified: Administrator Expert
Microsoft Certified: Cybersecurity Architect Expert
Microsoft Certified: Azure Solutions Architect Expert
Microsoft 365 Certified: Endpoint Administrator Associate
Microsoft Certified: Identity and Access Administrator Associate
Microsoft Certified: Windows Server Hybrid Administrator Associate
Microsoft 365 Certified: Teams Administrator Associate
Microsoft Certified: Information Security Administrator Associate
,
About The Enterprise Security Consultants, LLC
TES Consultants is an SBA 8(a) certified Woman-Owned Small Business (WOSB) specializing in advanced cybersecurity and IT solutions. We leverage extensive industry experience and technical expertise to deliver automated, innovative, and impactful strategies for our DoD, Federal Civilian and Private sector clients.