Microsoft 365 Security Engineer

Summary   

We are seeking a highly skilled Systems Engineer with a strong security focus to join our team. The ideal candidate will have extensive experience in security monitoring, application monitoring, and network monitoring while being proficient in multiple security tools. A deep understanding of Microsoft Security Tool stacks and hands-on expertise in SIEM (Security Information and Event Management) solutions are essential for this role. This position will play a crucial role in designing, implementing, and maintaining our organization's security infrastructure to ensure a robust and resilient cybersecurity posture.

Essential Duties and Responsibilities

• Design, deploy, and maintain security monitoring solutions across enterprise environments.
• Implement and optimize Microsoft Security tools, including but not limited to Microsoft Defender for Endpoint, Defender for Office 365, Sentinel, Microsoft Purview, and Entra ID Protection.
• Manage and enhance SIEM platforms to detect, analyze, and respond to security threats effectively.
• Monitor and analyze system and network activity for security incidents, vulnerabilities, and performance issues.
• Develop and refine incident response processes, ensuring swift detection and mitigation of security events.
• Collaborate with IT and security teams to harden system configurations, enforce security policies, and improve overall security posture.
• Conduct security assessments, penetration tests, and risk analyses to identify and mitigate security gaps.
• Automate security workflows and incident response procedures using scripting and automation tools (e.g., PowerShell, Python, or Azure Logic Apps).
• Stay updated with emerging security threats, vulnerabilities, and industry best practices to continuously enhance security defenses.
• Assist in compliance efforts, ensuring adherence to frameworks such as NIST, CIS, ISO 27001, and SOC 2.

Qualifications 

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Hands-on experience with Microsoft Security solutions, including Microsoft Defender, Sentinel, and Entra ID Protection.
• Expertise in SIEM technologies (e.g., Microsoft Sentinel, Splunk, QRadar, or similar).
• Strong understanding of security monitoring, application monitoring, and network monitoring methodologies.
• Proficiency in Windows Server, Active Directory, and Azure security principles.
• Knowledge of firewall configurations, intrusion detection/prevention systems (IDS/IPS), endpoint detection & response (EDR), and network security.
• Certifications such as Microsoft Certified: Security Operations Analyst, CISSP, CISM, CEH, or GIAC.
• Knowledge of container security, DevSecOps principles, and cloud-native security tools.
• Familiarity with log aggregation, anomaly detection, and behavioral analytics.

Education and/or Experience   

• 7+ years of experience in systems engineering with a focus on security.
• Experience in threat hunting, security incident investigation, and forensic analysis
• Experience working in environments compliant with HIPAA, GDPR, PCI-DSS, or SOX.
• Experience and knowledge of deploying, configuration and management of Microsoft Cloud and Security Stack.  Including but not limited to: Azure AD, Entra, Defender, Intune, Sentinel / Threat Protection, Email & Data Protection, Compliance and Governance and Network – Application Security

Language Skills

Ability to read and comprehend simple instructions, short correspondence, and memos.  Ability to write simple correspondence.  Ability to effectively present information in one-on-one and small group situations to customers, clients, and other employees of the organization.

Mathematical Skills  

Ability to add, subtract, multiply, and divide in all units of measure, using whole numbers, common fractions, and decimals.  Ability to compute rate, ratio, and percent and to draw and interpret bar graphs.

Work Environment 

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Always practice good judgment and refer to the safety guidelines.

The noise level in the work environment is usually moderate.

• Hybrid or remote work options available depending on location.
• May require participation in an on-call rotation for security incident response.

Collaboration with cross-functional teams, including IT, DevOps, and Security Operations.

Pay Range: $110,000 - $130,000