Cloud Security Engineer

Job Information

Number

ICIMS-

Job function

IT

Job type

Full-time

Location

Bedford - 180 Hartwell Road Bedford, Massachusetts 01730 United States

Country

United States

Shift

1st

Introduction

Werfen is a growing, family-owned, innovative company founded in 1966 in Barcelona, Spain. We are a worldwide leader in specialized diagnostics in the areas of Hemostasis, Acute Care Diagnostics, Transfusion, Autoimmunity, and Transplant. Through our Original Equipment Manufacturing (OEM) business line, we research, develop, and manufacture customized assays and biomaterials. We operate directly in 30 countries, and in more than 100 territories through distributors.

Our Headquarters and Technology Centers are located in the US and Europe, and our workforce is more than 7,000 strong.

Our success comes from a specific focus in these rapidly evolving diagnostic areas, our commitment to customers, and our dedication to innovation and quality. We're passionate about providing healthcare professionals the most valuable and complete solutions to improve hospital efficiency and enhance patient care.

Overview

Job Summary

We are seeking a skilled and security-conscious Cloud Engineer to join our dynamic Cybersecurity team. This role is pivotal in designing, deploying, and maintaining our secure cloud infrastructure, with a primary focus on Microsoft Azure and the M365 ecosystem. You will be responsible for translating security requirements into tangible technical controls, ensuring our cloud services are resilient, compliant, and hardened against modern threats.

This position directly adds value by enhancing the organization's security posture and enabling the business to leverage cloud technologies safely and efficiently. Your unique contribution will be as the subject matter expert who bridges the gap between cloud infrastructure and cybersecurity policy.

Responsibilities

Key Accountabilities

• Design, deploy, and manage secure cloud infrastructure (IaaS, PaaS, SaaS) in Microsoft Azure, ensuring alignment with security best practices and architectural standards.
• Administer and secure the Microsoft 365 environment, including Entra , Exchange Online, SharePoint, and Teams, with a focus on implementing robust security configurations and policies.
• Implement, manage, and tune M365 security tools such as the Microsoft Defender suite, Purview Information Protection, and Microsoft Intune for endpoint management and data loss prevention.
• Utilize scripting languages, primarily Power Shell, to automate security tasks, compliance checks, reporting, and administrative routines within Azure and M365.
• Manage Identity and Access Management (IAM), including roles, permissions, and privileged access (PIM), enforcing the principle of least privilege across all cloud platforms.
• Configure and manage cloud networking components, such as Virtual Networks (VNETs), Network Security Groups (NSGs), and Azure Firewall to segment and protect network traffic.
• Monitor cloud environments for security threats, vulnerabilities, and misconfigurations, and collaborate with the Security Operations Center (SOC) during incident response.
• Create and maintain comprehensive documentation for cloud architecture, security configurations, and operational procedures to ensure clarity and business continuity.
• Performs other duties and responsibilities as assigned.

Networking/Key relationships

• Cybersecurity Team:
  Collaborate daily on security strategy, threat intelligence, incident response, and implementing security controls.
• IT Infrastructure Team:
  Partner on network integration, on-premises connectivity (hybrid cloud), and core infrastructure dependencies.
• Application Development Teams:
  Advise on secure development practices and CI/CD pipelines to ensure applications are deployed securely in the cloud.
• IT Service Desk:
  Act as a tier 3 escalation point for complex cloud and M365-related security issues.
• Compliance & Audit Teams:
  Provide evidence and support during internal and external audits to demonstrate adherence to security frameworks and regulations.
• Business Stakeholders:
  Engage with various departments to understand their needs and implement cloud solutions that enable their goals without compromising security.
• External Vendors (e.g., Microsoft):
  Manage vendor relationships for technical support, licensing, and staying abreast of new security features and product roadmaps.

Qualifications

Minimum Knowledge & Experience for the position:

• Education:
  
  Bachelor's Degree in Cybersecurity, Computer Science, Information Technology, or a related field, or equivalent professional experience.
• Experience:
  
  3-5 years of hands-on experience in a cloud engineering, systems administration, or cybersecurity role with a strong focus on cloud environments. Direct experience deploying and securing solutions in Microsoft Azure and M365 is required.

Skills & Capabilities:

• Strong proficiency in Microsoft Azure services (IaaS and PaaS), including Virtual Machines, Storage, VNETs, and Azure App Services.
• In-depth…