Senior Cloud & Security Engineer

About Us:

Navvis is a leading population health company driving performance in value-based care. As an operating partner to some of the countrys most innovative health systems physician enterprises and health plans we provide solutions that accelerate the journey to value-based care. Our approach is market-based we respect the unique needs of populations in each community including access to care culture values and capabilities. Together with our partners we set a new national standard in healthcare performance that delivers the affordability quality access and experience that all patients deserve.

As a Senior Cloud & Security Engineer you will:

• Play a critical role in advancing Navvis cloud first security strategy enabling secure adoption of Azure platforms modern identity services and enterprise grade security monitoring.
• Ensure that security architecture is defined at the enterprise level is successfully translated into operational scalable and resilient solutions that protect Navvis systems data and users while supporting business growth and regulatory requirements.

A Day in the Life:

Security Monitoring & Detection

• Lead configuration tuning and ongoing optimization of the Microsoft Sentinel SIEM platform.
• Develop and maintain analytics and detection rules automated response playbook and security workflows and alerting logic.
• Integrate telemetry from cloud endpoint identity and network sources into Sentinel.
• Partner closely with Navvis SOC provider to enhance detection coverage alert quality and response effectiveness.

Endpoint Security & Device Management

• Engineer and manage enterprise endpoint security and device management capabilities including Microsoft Intune CrowdStrike Falcon and Microsoft Defender for Endpoint.
• Design and maintain device compliance configuration and security baselines across Windows macOS iOS and Android platforms.
• Implement and manage device enrollment strategies compliance policies configuration profiles and application protection policies (MAM).
• Ensure endpoint security controls align with Zero Trust and identity-driven access models.
• Support investigation containment and remediation of endpoint-based security threats.

Identity & Access Security

• Design and manage identity security solutions within Microsoft Entra ID including Conditional Access policies Identity Protection Privileged Identity Management (PIM) and Identity lifecycle and access governance.
• Integrate Intune device compliance and health signals with Conditional Access policies to enforce Zero Trust access decisions.
• Implement and support a Zero Trust identity architecture across the enterprise.

Security Automation & Integration

• Develop security automation using Azure Logic Apps Microsoft Sentinel Playbooks PowerShell and Microsoft Graph APIs.
• Integrate security platforms with incident management ticketing and operational tooling to streamline response and reporting.

Architecture Support & Technical Leadership

• Serve as the technical lead for cloud security engineering initiatives and implementations.
• Partner with the Principal Enterprise Architect Cloud & Security to translate architectural strategy into operational deployment.
• Provide design input and engineering leadership for Azure Landing Zones secure network architectures and enterprise security monitoring frameworks
• Act as the backup authority for cloud and security architecture decisions when the principal architect is unavailable.

Governance Risk & Compliance

• Support enterprise compliance initiatives including SOC 2 HITRUST HIPAA and related frameworks.
• Assist with security control implementation documentation and audit evidence collection.
• Participate in risk assessments security design reviews third-party vendor and technology evaluations

Incident Response & Threat Management

• Support enterprise incident response processes for cloud identity and endpoint security events.
• Investigate security alerts in collaboration with SOC analysts and infrastructure teams.
• Develop and maintain incident response runbooks and security playbooks.

• Bachelors degree in computer science Information Technology or related field or 10 years of subject matter experience.
• 7 years of experience in cloud infrastructure or cybersecurity engineering
• 3 years of hands-on experience securing Azure cloud environments
• Practical experience with SIEM platforms (Microsoft Sentinel preferred)
• Experience managing endpoint security platforms such as CrowdStrike or Microsoft Defender
• Strong experience with identity security and Microsoft Entra ID

We are excited about you if you have these things:

• Azure security architecture and networking
• Microsoft Sentinel SIEM
• Microsoft Entra ID identity and access security
• Microsoft Intune (Endpoint Manager) device and application management
• Endpoint Detection and Response (CrowdStrike / Microsoft Defender)
• PowerShell and security automation scripting
• Security monitoring threat detection and incident response
• Ability to translate security architecture into practical operational engineering solutions
• Strong analytical troubleshooting and problem-solving skills
• Excellent documentation and communication abilities
• Proven experience collaborating with architecture infrastructure and SOC teams

What youll get:

Navvis is committed to attracting the most insightful and motivated talent by providing a candidate and onboarding experience that you wont find elsewhere! We foster an environment and culture that allow people to be creative feel connected and be inspired to do their best work no matter where they are on the map. For all colleagues at Navvis we strive to ensure that they have everything needed to be successful. From the basics like a competitive total rewards strategy volunteering and social engagement activities to creating company experiences that challenge you to think differently and do different things as part of our never stop learning ecosystem we support the whole person when you become a team member at Navvis.

Navvis offers a competitive benefits package including but not limited to medical dental vision 401K with a safe harbor contribution and Paid Time Off plan starting at 2 weeks.

Our Commitment:

Navvis is an equal employment opportunity and affirmative action employer seeking diversity in qualified applicants for employment. All applicants will receive consideration for employment without regard to race ethnicity color gender gender identity age religion creed national origin ancestry disability perceived disability medical condition genetic information military or veteran status sexual orientation or any other protected status as defined by applicable law. Prior to the next step in the recruiting process we welcome you to inform us confidentially if you may require any special accommodation to complete your application and participate fully in our recruitment experience. Contact us at