Cloud Security Engineer - Public Sector, IT Operations

📍 Job Overview

• Job Title: Cloud Security Engineer - Public Sector, IT Operations
• Company: BDO USA
• Location: Orlando, FL
• Job Type: Full time
• Category: Cybersecurity & Information Security
• Date Posted: 2025-07-30
• Experience Level: Mid-Senior level (2-5 years)
• Remote Status: On-site

🚀 Role Summary

• 📝 Enhancement Note: This role focuses on securing the organization's cloud-based digital platforms and related data, with a strong emphasis on Microsoft 365 GCC High services. The ideal candidate will have a solid background in cloud security, identity management, and incident response, with a deep understanding of FedRAMP, NIST, and CMMC standards.

💻 Primary Responsibilities

• 📝 Enhancement Note: The primary responsibilities of this role revolve around planning, implementing, and monitoring security measures for cloud-based platforms. This includes collaborating with IT teams, instituting security policies, and leading incident response efforts.

• Collaborate with Public Sector and BDO National IT teams on standards, configuration recommendations, and best practices for the secure management of Microsoft 365 GCC High services.

• Institute policies for identity, device, and access management using Zero Trust principles and security baselines.

• Review results from configuration management/testing, profiling, and assessment tooling to address vulnerabilities, misconfigurations, and/or access risks.

• Implement, maintain, and monitor backup and disaster recovery strategies for M365 environment.

• Participate in the Change Control Board.

• Monitor for and investigate emerging cyber threats in BDO Public Sector cloud environment, and work with staff on recommending and implementing defensive actions.

• Contribute to System Security Plans (SSPs), Plan of Action & Milestones (POA&Ms), and other artifacts for audit readiness.

• Perform maintenance and enhancements on existing security alerts to reduce false positives.

• Lead the remediation efforts of vulnerabilities within cloud resources.

• Lead the Incident Response Team, which includes monitoring for and determining Indicators of Compromise.

• Collaborate with security operations professionals to analyze triaged security alerts to determine the appropriate escalation and remediation paths.

• Design and implement security-related technologies such as MFA, FIDO2, endpoint detection and response (EDR), and mobile device management (MDM) within a GCC High tenant.

• Align enterprise IT planning with cybersecurity risk management strategies using NIST SP 800-171 and other applicable frameworks.

• Perform and report phishing testing and develop necessary training.

• Escalate critical issues to management.

• Document and maintain policies and procedures.

• Other duties as required.

🎓 Skills & Qualifications

Education

• High school diploma or GED, required
• Bachelor's degree in Cloud Computing, Information Technology, Information Science, Informatics, or Information Systems, preferred

Experience

• Three (3) or more years of experience providing IT systems security support or incident response, required

License/Certifications

• SC-100 – Microsoft Certified Cybersecurity Architect Expert, preferred
• AZ-305 – Azure Solutions Architect Expert, preferred
• AZ-500 – Azure Security Engineer Associate, preferred

Software

• Proficiency with Microsoft Intune, Entra ID/Azure AD, Microsoft 365 Admin Center, and Microsoft Defender for Endpoint, required
• Proficiency with Microsoft Office Suite, preferred
• Proficiency with Power BI, Apple Business Manager, and MacOS and iOS management via Intune, preferred

Language

• N/A

Other Knowledge, Skills, and Abilities

• Strong verbal and written communication skills
• Excellent interpersonal and customer relationship skills
• Capacity to work in a deadline-driven environment while handling multiple complex projects/tasks simultaneously with a focus on details
• Capable of successfully multi-tasking while working independently or within a group environment
• Familiar with various regulatory policies (PCI, HIPAA, GLBA and other statutory regulations) as they relate to data security and IT policies, procedures, and standards
• Basic awareness of PCI-DSS, ISO 2700x, FISMA, and other industry recommended security frameworks
• Strong understanding of security breach detection and mitigation
• Ability to rely on extensive experience and judgment to plan and accomplish goals
• Capable of working well under pressure while dealing with unexpected issues in a professional manner
• Capacity to communicate and interact with all levels of employees and management
• Ability to interact and build consensus among people
• Ability to work after standard business hours and travel, as needed
• Ability to design capabilities to find solutions to less common and more complex system problems

📊 Web Portfolio & Project Requirements (N/A for this role)

💵 Compensation & Benefits (N/A for this role)

🎯 Team & Company Context

🏢 Company Culture

• Industry: Accounting and professional services
• Company Size: Medium (5,001-10,000 employees)
• Founded: 1910
• Team Structure: The IT Operations team is part of the broader BDO IT department, which supports the firm's global operations. The team consists of various roles, including cloud security engineers, IT administrators, and IT project managers.
• Development Methodology: The team follows Agile methodologies, with a focus on iterative development, continuous improvement, and regular stakeholder communication.

📈 Career & Growth Analysis

• Web Technology Career Level: Mid-Senior level (2-5 years)
• Reporting Structure: This role reports directly to the IT Operations Manager.
• Technical Impact: The Cloud Security Engineer plays a crucial role in protecting the organization's cloud-based digital platforms and related data. Their work directly impacts the security, reliability, and performance of the firm's technology services.

🌐 Work Environment

• Office Type: Modern, collaborative office space with dedicated workstations and meeting areas.
• Office Location(s): Orlando, FL
• Workspace Context: The workspace is designed to facilitate collaboration and communication among team members. It includes dedicated workstations, meeting rooms, and breakout spaces.
• Work Schedule: The standard workweek is Monday through Friday, with the possibility of working after standard business hours and traveling as needed.

📄 Application & Technical Interview Process

• Interview Process:
  • Process step 1: Phone or video screen to assess communication skills and basic technical knowledge.
  • Process step 2: Technical deep dive, focusing on cloud security, identity management, and incident response. This may include case studies, scenario-based questions, and hands-on exercises.
  • Process step 3: Behavioral and situational questions to evaluate problem-solving skills, adaptability, and cultural fit.
  • Process step 4: Final interview with the hiring manager to discuss the role's fit within the organization and answer any remaining questions.
• Portfolio Review Tips: N/A (not applicable for this role)
• Technical Challenge Preparation: N/A (not applicable for this role)
• ATS Keywords: Cloud Security, Microsoft 365, Identity Management, Access Management, Incident Response, Vulnerability Management, Cybersecurity, Disaster Recovery, Configuration Management, Zero Trust, Security Policies, Phishing Testing, Communication Skills, Interpersonal Skills, Regulatory Compliance, Security Frameworks

🛠 Technology Stack & Web Infrastructure (N/A for this role)

👥 Team Culture & Values

• Web Development Values: N/A (not applicable for this role)
• Collaboration Style: The team values open communication, active listening, and regular feedback. They encourage knowledge sharing, mentoring, and continuous learning.

⚡ Challenges & Growth Opportunities

• Technical Challenges:
  • Staying up-to-date with the latest cloud security trends and best practices.
  • Managing multiple complex projects and tasks simultaneously while maintaining a focus on details.
  • Working under pressure and dealing with unexpected issues in a professional manner.
• Learning & Development Opportunities:
  • Pursuing relevant certifications, such as Microsoft Certified: Azure Security Engineer Associate (AZ-500) or Microsoft Certified: Azure Solutions Architect Expert (AZ-305).
  • Attending industry conferences, webinars, and workshops to stay current on emerging trends and best practices in cloud security.
  • Seeking mentorship opportunities within the team or through professional organizations.

💡 Interview Preparation

• Technical Questions:
  • Be prepared to discuss your experience with cloud security, identity management, and incident response.
  • Demonstrate your understanding of FedRAMP, NIST, and CMMC standards, and how you've applied them in previous roles.
  • Prepare for scenario-based questions that focus on problem-solving, decision-making, and communication skills.
• Company & Culture Questions:
  • Research BDO's mission, values, and recent projects to demonstrate your understanding of the organization and its goals.
  • Prepare questions to ask the interviewer about the team's dynamics, priorities, and growth opportunities.
• Portfolio Presentation Strategy: N/A (not applicable for this role)

📌 Application Steps

To apply for this cloud security engineer position:

• Submit your application through the application link provided.
• Tailor your resume and cover letter to highlight your relevant experience, skills, and certifications.
• Prepare for the interview process by researching the company, practicing common interview questions, and brushing up on your technical skills.
• Follow up after the interview to express your appreciation for the opportunity and reiterate your interest in the role.

⚠️ Important Notice: This enhanced job description includes AI-generated insights and cloud security industry-standard assumptions. All details should be verified directly with the hiring organization before making application decisions.