Role Overview We are seeking a proactive and detail-oriented L2 IT Security & Cloud Operations Engineer to support and govern our Microsoft 365 and cloud infrastructure environment. This role is focused on security operations, audit readiness, access governance, and policy enforcement across M365 and cloud platforms, while also handling advanced escalations from L1 support. The ideal candidate will bring a strong operational mindset, hands-on technical expertise, and a passion for improving security posture and compliance. Key Responsibilities Security Operations & Governance · Support and administer Microsoft 365 security and compliance controls, including identity protection, access governance, and information security policies. · Assist in the implementation and enforcement of security baselines, conditional access policies, MFA, and role-based access controls (RBAC). · Monitor and respond to security alerts and incidents within Microsoft 365 and cloud platforms; escalate incidents as per defined security playbooks. · Perform periodic access reviews, license audits, and privileged account checks to ensure compliance with internal and regulatory requirements. · Support audit readiness activities by maintaining evidence, logs, access reports, and security documentation. Microsoft 365 & Cloud Platform Administration · Provide advanced L2 support for Microsoft 365 services including Exchange Online, Teams, SharePoint Online, OneDrive, and Entra ID (Azure AD). · Assist with tenant hygiene, configuration reviews, and policy validation to ensure secure and compliant operations. · Support onboarding/offboarding processes with a strong focus on secure access provisioning and deprovisioning. · Contribute to the administration and governance of cloud infrastructure (Azure / AWS / GCP – as applicable), focusing on access, security, and compliance controls. Incident, Audit & Change Support · Handle escalated incidents and service requests from L1 related to security, access issues, and M365 governance. · Support security audits, internal reviews, and compliance assessments (ISO 27001, SOC 2, client audits, etc.). · Participate in change management activities, ensuring security validation before and after changes. · Document incidents, resolutions, and security procedures to strengthen the knowledge base and audit trail. Asset & Endpoint Governance · Maintain accurate IT asset and endpoint security records, including device ownership, compliance status, and lifecycle tracking. · Support endpoint security tooling (MDM/MAM, device compliance, encryption, patch posture). · Generate and maintain audit-ready reports for assets, access, security events, and compliance metrics. Collaboration & Continuous Improvement · Work closely with IT Security, Cloud, Compliance, and Audit teams to improve security posture. · Identify gaps and recommend improvements in security controls, processes, and governance frameworks. · Mentor L1 support engineers on security best practices and standard operating procedures. Required Skills & Experience · 4-6 years of overall IT experience, with at least 1–2 years in an L2 support or cloud/security operations role. · Hands-on experience with Microsoft 365 administration and security features. · Strong understanding of identity and access management, MFA, conditional access, and least-privilege principles. · Experience working with ticketing and ITSM tools (ServiceNow, Jira, Freshservice, Freshdesk, etc.). · Exposure to cloud security concepts (Azure preferred; AWS/GCP exposure is a plus). · Experience supporting audit, compliance, and governance activities. · Strong documentation, reporting, and analytical skills (Excel, dashboards, reports). · Excellent problem-solving, communication, and stakeholder coordination skills. · Ability to work independently and take ownership of security and governance tasks. · Comfortable working in rotational shifts and supporting critical incidents when required. Preferred Skills & Certifications · Working knowledge of ITIL processes (Incident, Change, Problem Management). · Familiarity with security frameworks and standards (ISO 27001, SOC 2, NIST, CIS). · Experience with Microsoft Defender, Purview, Intune, and Entra ID. · Basic understanding of network security, logging, and monitoring. · Certifications (preferred but not mandatory): o Microsoft Certified: Security, Compliance, and Identity Fundamentals (SC-900) o Microsoft Certified: Azure Fundamentals (AZ-900) or Azure Security Engineer (AZ-500) o ITIL Foundation o CompTIA Security+ (nice to have)

About ProcDNA

ProcDNA is a fast-growing, self-funded Analytics and Technology consulting firm established in January 2020, dedicated to delivering exceptional service to the life sciences industry. With deep expertise across Analytics, Insights, Data, and Technology, our team brings experience from leading life sciences companies, pharmaceutical organizations, and strong academic backgrounds to solve complex business challenges. We continuously attract top talent, expand our capabilities, and tailor innovative solutions to meet our clients' evolving needs. As a privately funded organization, we prioritize long-term partnerships, agility, and sustainable growth, enabling us to provide high-impact, client-focused solutions that help our partners succeed.