Cloud Security & Compliance Engineer

<div class="isg-job-description“>Why AIS?

When you join AIS, you’re joining a mission-driven team that’s passionate about making a difference. You’ll work on projects that matter, alongside industry-leading experts, in an environment that fosters innovation, driving client success, and empowering our team to make a lasting impact. As an employee-owned company, we value collaboration, inclusivity, continuous growth, and shared success.

• Employee Ownership: Your contributions directly impact the company’s success, and you share in its achievements.

• Continuous Learning: Access to resources, training, and mentorship to support your professional growth.

• Inclusive Culture: A workplace where diversity is celebrated, and everyone’s voice is valued.

• Mission-Driven Work: Engage in projects that make a meaningful difference for our clients and communities.

What are we looking for?

At AIS, we’re looking for more than just skills – we’re looking for driven individuals who are passionate about making a difference, eager to grow, and aligned with our core principles.

What you will be doing?

This position is contingent upon contract award. We are currently pursuing a proposal and are seeking qualified candidates to include in our submission and identify candidates for future hiring needs on the program once awarded.

At AIS, we are dedicated to providing our employees with diverse opportunities to grow their careers while supporting a variety of impactful projects. For this position, we are seeking a talented individual to join AIS as a Security Architect.

• Core Knowledge & Skills: Develops enterprise security architectures, frameworks, and standards; utilizes advanced forensics and integrates solutions with IT systems.

• Work & Complexity: Designs secure architectures, manages integration projects, leads strategic initiatives, and enforces policies and standards.

• Quality & Independence: Ensures integrity and scalability, develops comprehensive strategies, and optimizes solutions for performance and efficiency.

• Teamwork & Communication: Leads architectural teams, builds partnerships, manages knowledge, and communicates strategies and executive reports.

• Consulting & Engagement: Provides architectural consulting, leads innovation initiatives, evaluates enterprise technologies, and builds strategic partnerships.

As your initial project assignment, you will support the unique needs of our client as a Cloud Security & Compliance Engineer.

Introduction

This role is responsible for implementing secure authentication, identity management, and access controls across Azure and Databricks environments, ensuring compliance with regulatory standards like GDPR and SOC 2. The engineer will manage secrets, enforce network isolation, support audit readiness, and enable secure onboarding of teams and services through infrastructure-as-code and Azure-native security tools.

Responsibilities

• Manage authentication and SSO using Azure Entra ID (Azure AD).

• Implement RBAC and managed identities for AKS, Blob, PostgreSQL, and Databricks

• Onboard engineers to proper groups for RBAC access to infrastructure

• Establish new secure authentication mechanisms in Databricks, AI Foundry and AKS to leverage Workload Identity based access where possible

• Request and justify new networking patterns at the IP level with documentation

• Secure secrets and credentials in Azure Key Vault with purge protection

• Secure OpenAI API access via APIM policies and enforce network isolation

• Ensure compliance with GDPR, SOC 2, and conduct regular audits

This posting is part of our ongoing talent pipeline initiative. While there may not be an immediate opening, we are actively building a network of qualified candidates for future opportunities. If you’re interested in being considered when a role becomes available, we encourage you to submit your resume.

Location and Travel details

• This is a remote position with occasional travel (if needed)

Required for this opportunity

• Advanced Terraform for infrastructure automation

• Strong understanding of Azure roles, RBAC, and least-privileged access principles

• experience with identity and access management in Azure, including Entra ID and Workload Identity

• Proficiency in secret and credential management across cloud environments (e.g., Azure Key Vault)

• Solid grasp of Kubernetes fundamentals and AKS integration

• Familiarity with Azure Policy and network security configurations

• Experience conducting audits and ensuring compliance with standards such as GDPR and SOC 2

At AIS, we are committed to offering competitive and fair compensation that reflects the skills, experience, and contributions of each team member.

The targeted base salary range for this role is $138,000-$209,000 per year. Please note that this range is provided as a guideline and the final offer will be based on several factors, including but not limited to, skillset and competencies, level of experience, education, certifications, and location.

We value transparency in our hiring process and are happy to discuss how your unique qualifications align with our compensation structure during the interview process.

Applied Information Sciences does not discriminate on the basis of race, national origin, religion, color, gender, sexual orientation, age, disability, protected veteran status, or any other basis. Employment decisions are based solely on qualifications, merit, and business needs.

AIS is an Equal Opportunity Employer
Applied Information Sciences is an Equal Opportunity Employer and does not discriminate on the basis of race, national origin, religion, color, gender, sexual orientation, age, disability, protected veteran status or any other basis covered by law. Employment decisions are based solely on qualifications merit, and business need.