Cloud Engineer I

Sentinel Blue is hiring a Cloud Engineer I for our Operations team. This role supports client environments built on Microsoft cloud services, with most work happening in Azure Government and Microsoft 365 GCC High. You will help implement, maintain, and improve cloud identity, endpoint management, and core tenant services while working within our standards and change control process.

Our ideal candidate is someone who learns quickly, communicates clearly, and takes pride in clean execution. You will work alongside experienced engineers, but you will also be expected to run with defined tasks, document the work performed and have impeccable follow-through.

This is a full-time position that is fully remote.

This position may require access to technology, technical data, or information that is subject to U.S. export control laws and regulations. Employment in this position is contingent upon either verification of U.S. person status as defined under applicable export control regulations (which includes U.S. citizens, lawful permanent residents, and certain protected individuals such as refugees and asylees) or the ability to obtain any required export authorization. The company reserves the right not to apply for an export license and to decline to proceed with any applicant on that basis. All qualified applicants will receive consideration for employment without regard to citizenship status, national origin, or immigration status.

A day in the Cloud Engineer I role: You may handle cloud configuration tasks, work through identity and Microsoft 365 troubleshooting, implement approved changes through the Change Request process, and help align environments with operational and security requirements. You will participate in client calls as needed and contribute to documentation that helps the team support environments consistently.

Responsibilities:

• Handle Entra ID administration and cloud identity tasks, including tenant configuration and common identity integrations.
• Assist with Conditional Access and other policy work within established patterns.
• Administer Microsoft 365 services (Exchange, SharePoint, OneDrive, Teams) and tenant configuration tasks.
• Configure Intune device management tasks tied to cloud service delivery (profiles, compliance, baseline enforcement).
• Contribute to Azure work under guidance, including VMs, storage, networking, and AVD within established designs.
• Implement approved changes via Change Requests, including validation and clear documentation of outcomes.
• Use existing RMM automation and tooling; write small task-level scripts when appropriate.
• Execute patch management and lifecycle workflows within standards, including remediation work under guidance.
• Maintain strong operational hygiene in tickets, notes, and documentation; create new KBs/runbooks/SOPs when gaps are found.
• Participate in client calls as needed for troubleshooting, change discussions, and project work.

What We Can Offer:

Sentinel Blue is a young company with a focused mission: We’re bringing enterprise-class cybersecurity to small and medium sized businesses. Frankly, we’re pushing the envelope of how things are done and constantly seeking innovative ways to meet that mission. The pace is fast, and we’re always learning new things. This is a great place if you want to expose yourself to new and emerging technologies, want to be challenged, and want to build your skills. Further, success in this role can quickly transition into a more senior engineering role or even technical leadership opportunities. The right person will find themselves in a fun, dynamic environment, working on interesting problems and making a real difference.

You will be required to achieve a Security+ certification in the first 6 months of hire; we’ll cover your certification costs and provide paid time for you to study!

Requirements:

•  2+ years of hands-on experience in IT operations, systems administration, or engineering work in cloud environments.
•  Working knowledge of Entra ID, Intune, and Azure in production environments.
•  Familiarity with Microsoft 365 administration and core tenant services.
•  Strong troubleshooting ability and comfort working within structured workflows.
•  Clear written and verbal communication.
•  Basic scripting ability (PowerShell preferred).
•  CompTIA Security+ required within 6 months of hire if not already held.

Desired Qualifications:

• Familiarity with Azure Government, Microsoft 365 GCC High, or other FedRAMP Moderate platforms.
• Exposure to Microsoft 365 tenant migration work (tenant-to-tenant); AvePoint familiarity is a plus.
• Solid grounding in networking fundamentals (DNS, DHCP, firewalls/routing, VPN).
• Experience in a managed services or multi-client environment.
• Knowledge of CMMC, NIST 800-171, CIS Controls, or other similar frameworks.
• Bachelor’s or Master's degree in Cybersecurity, Information Systems, Computer Science, Business, or a related field.

Benefits:

• Fully paid individual healthcare, vision and dental insurance for the employee.
• Paid certification and training opportunities.
• Three weeks of paid vacation + 10 paid holidays.
• A supportive environment with a focus on keeping healthy work-life balance.
• Retirement benefit (401k) with company match.