3+ month contract to hire (W2 ONLY, NO C-C)
McKinney, TX (Hybrid)
Position Summary
We are seeking a Cloud Security Engineer with a strong focus on Microsoft Azure to design, implement, and operate security controls across a predominantly Azure-based environment. This role will partner closely with Cloud Engineering, Identity, and Cyber Operations teams to ensure secure-by-design cloud deployments, continuous monitoring, and alignment with enterprise security frameworks.
Key Responsibilities
- Design and implement security controls across Azure services including compute, storage, networking, and PaaS offerings
- Secure Azure landing zones using best practices aligned to Zero Trust principles
- Implement and manage Azure-native security services (Defender for Cloud, Conditional Access, Key Vault, etc.)
- Partner with architecture teams to embed security into cloud design patterns and reference architectures
- Monitor and respond to cloud security alerts and incidents across Azure environments
- Integrate Azure logs with SIEM/SOAR platforms (e.g., Sentinel, CrowdStrike, etc.)
- Support incident response activities related to cloud threats and misconfigurations
- Develop automation for detection and response using Azure-native tooling
- Implement and enforce strong identity controls leveraging Microsoft Entra ID
- Design Conditional Access policies and support passwordless initiatives (WHfB, FIDO2, etc.)
- Ensure least privilege access using RBAC, PIM, and Just-in-Time access models
- Manage cloud security posture using tools such as Defender for Cloud and/or CNAPP platforms
- Identify and remediate misconfigurations, vulnerabilities, and compliance gaps
- Partner with engineering teams to prioritize and remediate risks based on business impact
- Implement data protection controls across Azure services (encryption, DLP, data classification)
- Secure data flows between cloud services and external integrations
- Support compliance initiatives (NIST, CIS, ISO, PCI, etc.) through technical control implementation
- Integrate security into CI/CD pipelines (IaC scanning, secrets management, policy enforcement)
- Support secure Infrastructure-as-Code (Terraform, Bicep, ARM templates)
- Automate security controls and validation through scripting (PowerShell, Python, etc.)
Required Qualifications
- 5+ years of experience in cloud security or cloud engineering
- Strong hands-on experience securing Microsoft Azure environments (90%+)
- Experience with:
- Microsoft Defender for Cloud / Azure Security Center
- Microsoft Entra ID (Azure AD), Conditional Access, RBAC
- Azure networking (VNets, NSGs, Private Endpoints, Firewall)
- Familiarity with SIEM/SOAR platforms (e.g., Microsoft Sentinel, CrowdStrike, Splunk)
- Experience with Infrastructure-as-Code and automation
- Strong understanding of Zero Trust architecture principles
- Experience with CNAPP platforms (e.g., Wiz, Prisma Cloud, CrowdStrike CNAPP)
- Knowledge of SaaS security monitoring and API-based integrations
- Familiarity with Zscaler (ZIA/ZPA) or similar secure access solutions
- Experience in hybrid environments (Azure + on-prem)
- Relevant certifications:
- AZ-500 (Azure Security Engineer)
- CISSP, CCSP, or equivalent
Estimated Min Rate: $60.00
Estimated Max Rate: $75.00
What’s In It for You?
We welcome you to be a part of the largest and legendary global staffing companies to meet your career aspirations. Yoh’s network of client companies has been employing professionals like you for over 65 years in the U.S., UK and Canada. Join Yoh’s extensive talent community that will provide you with access to Yoh’s vast network of opportunities and gain access to this exclusive opportunity available to you. Benefit eligibility is in accordance with applicable laws and client requirements. Benefits include:
- Medical, Prescription, Dental & Vision Benefits (for employees working 20+ hours per week)
- Health Savings Account (HSA) (for employees working 20+ hours per week)
- Life & Disability Insurance (for employees working 20+ hours per week)
- MetLife Voluntary Benefits
- Employee Assistance Program (EAP)
- 401K Retirement Savings Plan
- Direct Deposit & weekly epayroll
- Referral Bonus Programs
- Certification and training opportunities
Note: Any pay ranges displayed are estimations. Actual pay is determined by an applicant's experience, technical expertise, and other qualifications as listed in the job description. All qualified applicants are welcome to apply.
Yoh, a Day & Zimmermann company, is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Visit https://www.yoh.com/applicants-with-disabilities to contact us if you are an individual with a disability and require accommodation in the application process.
For California applicants, qualified applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. All of the material job duties described in this posting are job duties for which a criminal history may have a direct, adverse, and negative relationship potentially resulting in the withdrawal of a conditional offer of employment.
It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
By applying and submitting your resume, you authorize Yoh to review and reformat your resume to meet Yoh’s hiring clients’ preferences. To learn more about Yoh’s privacy practices, please see our Candidate Privacy Notice: https://www.yoh.com/privacy-notice
