Note: The job is a remote job and is open to candidates in USA. Applied Information Sciences (AIS) is a mission-driven company focused on making a difference through innovative projects. They are seeking a Senior Microsoft Cloud Engineer to lead the design, implementation, and optimization of secure external collaboration capabilities across the Microsoft cloud ecosystem.
Responsibilities
- Design, configure, and maintain Microsoft Entra B2B collaboration and cross-tenant access settings to support secure partner and guest access to enterprise applications, collaboration workloads, and external-facing business solutions
- Engineer and administer external identity controls including invitation workflows, trust settings, guest lifecycle processes, access reviews support, and secure onboarding/offboarding patterns for third-party users
- Design and implement security architecture for external access to SharePoint extranets, including authentication patterns, authorization boundaries, site and content protection models, sharing restrictions, and monitoring requirements
- Define and implement Microsoft Purview Information Protection controls including sensitivity labels, encryption, data handling rules, and integration points with DLP and collaboration workloads
- Design and implement Microsoft Purview Message Encryption and related encrypted mail protections for secure communication with external recipients, including policy-based encryption use cases and operational support models
- Design, test, and tune Conditional Access policies to govern external access based on user, device, application, session, location, risk, and authentication context, using phased rollout and validation practices
- Build secure access patterns for Power Platform applications, flows, and connectors through environment strategy, role design, data policies, connector governance, and identity controls
- Define and implement security controls for Power BI reports, dashboards, semantic models, workspaces, sharing models, and external consumption scenarios
- Partner with security, compliance, messaging, collaboration, and application teams to translate policy and regulatory requirements into enforceable cloud controls
- Produce architecture diagrams, standards, control narratives, engineering runbooks, and operational procedures for steady-state support
Skills
- 8+ years of experience in Microsoft cloud engineering, with substantial hands-on responsibility for Microsoft 365, Azure, and enterprise security controls
- 4+ years of direct experience designing and administering Microsoft Entra ID / Azure AD identity and access solutions
- Deep experience with Microsoft Entra External ID / B2B collaboration, cross-tenant access, external collaboration settings, guest access governance, and secure partner access models
- Strong experience implementing Microsoft Purview Information Protection capabilities, including sensitivity labels, encryption, and data protection policy integration
- Strong experience designing Microsoft Purview Message Encryption / OME solutions for secure external email exchange
- Proven experience designing and deploying Conditional Access policies in enterprise environments, including policy testing, exception handling, and access hardening
- Experience securing SharePoint Online sites and extranets for external access, including site permissions, sharing models, and information protection considerations
- Experience implementing governance and security controls for Power Platform, including environment strategy, roles, and data policies
- Experience securing Power BI platforms, including workspace governance, dataset security, sharing controls, and report access design
- Experience in highly regulated environments such as defense, government, healthcare, financial services, or other compliance-driven enterprises
- Experience supporting security assessments, accreditation packages, or control inheritance models
- Familiarity with Microsoft Defender, audit logging, insider risk considerations, and monitoring of collaboration and sharing events
- Experience with DevOps, infrastructure as code, or scripted administration using PowerShell, Microsoft Graph, or automation tooling
- Microsoft certifications in areas such as Microsoft Entra, Microsoft 365 Security, Azure Security, or Purview
Benefits
- Employee Ownership: Your contributions directly impact the company’s success, and you share in its achievements.
- Continuous Learning: Access to resources, training, and mentorship to support your professional growth.
- Inclusive Culture: A workplace where diversity is celebrated, and everyone’s voice is valued.
- Mission-Driven Work: Engage in projects that make a meaningful difference for our clients and communities.
- Flexible - We offer flexibility in how you work. This role is remote eligible with the flexibility to work hybrid or in-office from our Reston, VA headquarters if you're local and prefer an office environment.
Company Overview
AIS helps large commercial and federal clients accelerate innovation with security and compliance in mind. It was founded in 1982, and is headquartered in Reston, Virginia, USA, with a workforce of 501-1000 employees. Its website is https://www.ais.com.Company H1B Sponsorship
AIS (Applied Information Sciences) has a track record of offering H1B sponsorships, with 7 in 2025, 3 in 2024, 4 in 2023, 2 in 2022, 5 in 2021, 1 in 2020. Please note that this does not guarantee sponsorship for this specific role.