Andiamo
Cloud Engineer - Natural And Organic Grocery Leader
We are seeking a hands‑on security engineer with a strong background in infrastructure hardening, identity and access management, and automation. This role is highly technical and will focus on strengthening enterprise defenses across servers, cloud platforms, and identity systems, while driving Zero Trust initiatives and security automation at scale.
Key Responsibilities
Implement host‑based firewalls with default‑deny policies across ~450 servers, ensuring proper segmentation and least‑privilege access.
Harden Active Directory and ESXi environments to align with security best practices and compliance standards.
Review and remediate Palo Alto firewall configurations, applying best‑practice optimizations and improving rule hygiene.
Develop and maintain automation scripts using PowerShell and Terraform to streamline security operations.
Administer SIEM platforms to enhance threat visibility, fine‑tune detection rules, and improve incident response capabilities.
Lead Zero Trust and IAM initiatives, including Okta FastPass and Device Trust rollouts, and enforce least‑privilege access across applications.
Configure and manage Netskope Network Private Access for per‑application access control.
Support Conditional Access hardening in Okta and Azure Entra, while onboarding and maintaining SAML/OIDC integrations.
Deploy and configure Reco for shadow IT discovery and connector management.
Enhance identity threat detection and response (ITDR) systems, fine‑tuning policies and remediating risks.
Manage CrowdStrike CSPM integrations, ensuring accurate telemetry, tuning, and remediation of cloud security issues.
Perform Azure administration tasks, supporting secure configurations, monitoring, and governance improvements.
Qualifications
Proven experience with enterprise‑scale infrastructure hardening, including AD, ESXi, and firewall environments.
Strong background in IAM and Zero Trust architecture, with practical expertise in Okta, Azure Entra, and modern access controls.
Hands‑on experience with Palo Alto firewalls, rule optimization, and security best practices.
Proficiency in automation and scripting using PowerShell and Terraform.
Experience managing SIEM solutions and tuning alerts for effective incident detection.
Working knowledge of cloud security posture management (CSPM) and CIEM concepts, including least‑privilege enforcement.
Strong understanding of conditional access, SAML/OIDC integrations, and identity security hygiene.
Knowledge of Azure administration and security best practices for hybrid environments.
Preferred Experience
Exposure to Netskope NPA and Reco or similar shadow IT discovery tools.
Experience with ITDR and SSPM remediation workflows.
Background in managing high‑scale enterprise server environments with strict compliance requirements.
Why This Role? This position offers the opportunity to lead key initiatives in hardening enterprise systems, advancing Zero Trust security, and automating defenses at scale. You’ll be working with modern tools and frameworks, directly shaping how critical infrastructure and identity systems are secured. If you thrive in solving complex challenges across infrastructure, cloud, and identity domains, this role puts you at the forefront of enterprise security transformation.
About Andiamo Talent Partners for the AI Revolution. As a globally recognized staffing and consulting firm, we specialize in placing the top 2% of technology and go‑to‑market professionals with the world’s largest and most well‑known companies.
For over 20 years, we've maintained the status of tier‑one vendor for firms such as Palantir, Amazon, Fluidstack, Bloomberg, Relativity Space, Firefly, MasterCard, Visa, Two Sigma, Citadel, as well as other major financial services firms, elite hedge funds, Google‑backed tech start‑ups, and major software firms.
Our talent solutions include Permanent Placement, Contract Staffing, Executive Search, and Dedicated Recruiting Services (RPO). Find out more at
www.andiamogo.com .
Seniority level: Mid‑Senior level
Employment type: Full‑time
Job function: Engineering and Information Technology
Industry: Staffing and Recruiting
#J-18808-Ljbffr
Key Responsibilities
Implement host‑based firewalls with default‑deny policies across ~450 servers, ensuring proper segmentation and least‑privilege access.
Harden Active Directory and ESXi environments to align with security best practices and compliance standards.
Review and remediate Palo Alto firewall configurations, applying best‑practice optimizations and improving rule hygiene.
Develop and maintain automation scripts using PowerShell and Terraform to streamline security operations.
Administer SIEM platforms to enhance threat visibility, fine‑tune detection rules, and improve incident response capabilities.
Lead Zero Trust and IAM initiatives, including Okta FastPass and Device Trust rollouts, and enforce least‑privilege access across applications.
Configure and manage Netskope Network Private Access for per‑application access control.
Support Conditional Access hardening in Okta and Azure Entra, while onboarding and maintaining SAML/OIDC integrations.
Deploy and configure Reco for shadow IT discovery and connector management.
Enhance identity threat detection and response (ITDR) systems, fine‑tuning policies and remediating risks.
Manage CrowdStrike CSPM integrations, ensuring accurate telemetry, tuning, and remediation of cloud security issues.
Perform Azure administration tasks, supporting secure configurations, monitoring, and governance improvements.
Qualifications
Proven experience with enterprise‑scale infrastructure hardening, including AD, ESXi, and firewall environments.
Strong background in IAM and Zero Trust architecture, with practical expertise in Okta, Azure Entra, and modern access controls.
Hands‑on experience with Palo Alto firewalls, rule optimization, and security best practices.
Proficiency in automation and scripting using PowerShell and Terraform.
Experience managing SIEM solutions and tuning alerts for effective incident detection.
Working knowledge of cloud security posture management (CSPM) and CIEM concepts, including least‑privilege enforcement.
Strong understanding of conditional access, SAML/OIDC integrations, and identity security hygiene.
Knowledge of Azure administration and security best practices for hybrid environments.
Preferred Experience
Exposure to Netskope NPA and Reco or similar shadow IT discovery tools.
Experience with ITDR and SSPM remediation workflows.
Background in managing high‑scale enterprise server environments with strict compliance requirements.
Why This Role? This position offers the opportunity to lead key initiatives in hardening enterprise systems, advancing Zero Trust security, and automating defenses at scale. You’ll be working with modern tools and frameworks, directly shaping how critical infrastructure and identity systems are secured. If you thrive in solving complex challenges across infrastructure, cloud, and identity domains, this role puts you at the forefront of enterprise security transformation.
About Andiamo Talent Partners for the AI Revolution. As a globally recognized staffing and consulting firm, we specialize in placing the top 2% of technology and go‑to‑market professionals with the world’s largest and most well‑known companies.
For over 20 years, we've maintained the status of tier‑one vendor for firms such as Palantir, Amazon, Fluidstack, Bloomberg, Relativity Space, Firefly, MasterCard, Visa, Two Sigma, Citadel, as well as other major financial services firms, elite hedge funds, Google‑backed tech start‑ups, and major software firms.
Our talent solutions include Permanent Placement, Contract Staffing, Executive Search, and Dedicated Recruiting Services (RPO). Find out more at
www.andiamogo.com .
Seniority level: Mid‑Senior level
Employment type: Full‑time
Job function: Engineering and Information Technology
Industry: Staffing and Recruiting
#J-18808-Ljbffr