Senior Cloud Engineer bei Kinsale Insurance

Kinsale is seeking an accomplished and forward-thinking Senior Microsoft Cloud Engineer to implement our enterprise’s Microsoft cloud strategy and enable digital innovation through Azure, Entra, Intune, and Microsoft 365 platforms.

This role will serve as a senior technical authority for Microsoft cloud services—designing secure, scalable, and automated solutions that empower modern work and align with Kinsale’s strategic objectives. You’ll partner closely with architecture, application development, information security, and operations teams to modernize and standardize identity, enhance endpoint management, and optimize our use of the Microsoft ecosystem.

All team members collaborate in our Richmond, VA office.

Responsibilities
Cloud Strategy & Engineering
• Architect, implement, and manage Azure environments supporting enterprise workloads and software development needs
• Develop governance frameworks, policies, and automation to ensure secure, compliant, and cost-effective cloud operations
• Define Azure landing zones, networking standards, and identity integration patterns
• Build Infrastructure-as-Code (IaC) deployments using Terraform, ARM templates, and PowerShell
• Regularly evaluate Microsoft cloud offerings and recommend innovations that enhance performance and scalability
• Share expertise with team members, providing training and guidance to strengthen the broader Microsoft Technology Team’s cloud proficiency

Identity and Access Management (Entra)
• Participate in the development of plans, designs, and readiness assessments for potential future migrations from hybrid Active Directory to cloud-only Entra ID
• Design and manage Conditional Access, Privileged Identity Management (PIM), and Role-Based Access Control (RBAC) frameworks
• Drive passwordless authentication adoption using Windows Hello for Business, FIDO2, and other modern identity solutions
• Manage Azure app registrations, service principals, and single sign-on (SSO) integrations across enterprise applications

Endpoint and Device Management
• Provide strategic and architectural direction for Intune and Windows 365 environments to ensure alignment with enterprise security, compliance, and scalability goals
• Collaborate with operational owners to refine compliance baselines, configuration policies, and device enrollment processes
• Partner with Information Security operations to implement zero trust controls and strengthen device security posture

Microsoft 365 and Collaboration Modernization
• Administer, in conjunction with other team members, Microsoft 365 services, including Exchange Online, Teams, and SharePoint Online
• Lead department-level migrations from legacy file shares to Teams/SharePoint for modern collaboration and document management
• Support the implementation of governance, retention, and lifecycle policies within M365

Automation, Integration & Continuous Improvement
• Design and maintain automation workflows leveraging PowerShell, Graph API, and Azure Automation
• Improve monitoring, alerting, and self-healing solutions for cloud resources
• Partner with architects and DevOps teams to ensure cloud environments are secure, efficient, and aligned with business priorities
• Champion continuous learning and adoption of emerging Microsoft technologies

Qualifications

Education & Experience
• Bachelor’s degree in Information Technology, Computer Science, or related field (or equivalent experience)
• 7+ years of experience with cloud-based Microsoft infrastructure technologies
• Minimum 3 years of hands-on experience designing, deploying, and managing Azure and Microsoft 365 environments at scale

Preferred Certifications
• Microsoft Certified: Azure Administrator Associate (AZ-104)
• Microsoft Certified: Identity and Access Administrator Associate (SC-300)
• Microsoft Certified: Azure Solutions Architect Expert or Cybersecurity Architect Expert

Technical Expertise
• Deep knowledge of Azure architecture, networking, governance, and cost management
• Proven experience managing Entra ID, Conditional Access, and PIM/RBAC frameworks
• Familiarity with hybrid AD and migration strategies to Entra-only models
• Strong automation and scripting skills using PowerShell and Graph API
• Experience implementing zero trust and passwordless authentication strategies
• Proficiency with Intune, Windows 365, and device compliance policies
• Solid understanding of M365 administration, including Exchange Online, Teams, and SharePoint Online
• Knowledge of Defender for Cloud, Sentinel, or equivalent cloud security solutions

Soft Skills
• Strong desire to assist and share knowledge, both within the immediate team and across the IT department—fostering a culture of growth, mentorship, and cross-functional collaboration
• Excellent analytical, problem-solving, and troubleshooting abilities
• Strong communication and collaboration skills across technical and business teams
• Ability to translate strategic goals into actionable cloud initiatives
• Self-driven, curious, and passionate about innovation and continuous improvement

At Kinsale we offer the following great benefits:
• Competitive salary with performance-based bonus opportunities
• Single and Family Health, Dental and Vision Insurance plans with HSA funds contributed
• Short-Term and Long-Term disability
• Life Insurance
• Matching 401(k) - 6%
• Generous Paid Time Off and Holidays
• $3K yearly in Education dollars for training and certifications

Kinsale values strong financial responsibility. A credit check will be conducted as a part of the selection process for roles that require sound judgement, trustworthiness, or access to sensitive information.