Microsoft 365 Security Engineer

The Microsoft 365 Security Engineer plays a key role within our client’s security team to protect data, applications, endpoint devices, and users by providing subject matter expertise and operational skills within the Microsoft 365 and Azure suite of security products. The role is responsible for the design implementation, maintenance, testing, and enhancement of security and compliance practices, processes, and toolsets to continually improve our client’s security posture.

Responsibilities:

• Designing, implementing, and maintaining security controls with an Azure/M365 environment.
  
• Monitoring toolsets and systems to ensure our client’s security posture is maintained, and compliance obligations are met.
  
• Proactively remediating identified vulnerabilities by using a variety of security tools.
  
• Support the security team by responding to security incidents and escalations.
  
• Design and architecture of information security controls and safeguards to protect the confidentiality, integrity, and availability of data.
  
• Participation in projects, implementations, and upgrades to provide expertise and guidance.
  
• Proactive review of advisory and implementation of Microsoft features.
  
• Remediate events from Microsoft 365 security and compliance dashboards.
  
• Ensure the environment security posture aligns to documented security procedures, guidelines, training material and best practices or architectural principles.
  
• Performance and progress in the following areas will be the priorities for this position.
  
• Provide guidance and support to the customers in determining and recommending security needs.
  
• Analysis of internal and external security events and reporting these findings to customers with recommendations as required.
  

Qualifications:

Bachelor’s degree in communication engineering or computer science.

Relevant Microsoft cloud security certifications such as:

• SC-200 (Microsoft Security Operations Analyst).
  
• SC-300 (Microsoft Identity and Access Administrator).
  
• SC-100 (Microsoft Information Protection Administrator).
  
• SC-900 (Microsoft Security, Compliance, and Identity Fundamentals).
  
• MS-101 (Microsoft 365 Enterprise Administrator Expert).
  
• MS-500 (Microsoft 365 Security Administration).
  
• AZ – 500 (Microsoft Azure Security Technologies).
  

Technical Requirements:

This role requires 3+ years of experience in IT infrastructure and operational roles where security was a key area of responsibility and focus. It includes experiences such as:

• Experience in applying Microsoft product & technology knowledge to improve the user experience.
  
• Demonstrable experience and knowledge with the architecture, design, settings, configuration, and troubleshooting of Microsoft 365 products and solutions such as:
  
• Azure Active Directory.
  
• Microsoft Defender for Cloud Apps
  
• Azure Information Protection.
  
• Identity and Access Management.
  
• Intune (MAM/ MDM).
  
• Single sign-on and multi-factor authentication and related
  
• Technologies (including Microsoft Enterprise Mobility + Security).
  
• Compliance Center and Microsoft Cloud App Security-based
  
• data loss protection capabilities and policies.
  
• Advanced threat protection and management including
  
• Exchange Online Protection (EOP), Safe Attachments, Safe
  
• Links.
  
• Endpoint security, compliance, and identity management
  
• services.
  
• Microsoft Defender Office 365 and Endpoint.
  
• Microsoft Sentinel.