M365 Security Engineer

We are seeking an experienced Microsoft Security Professional to safeguard and optimize the organization's digital environment. This role involves designing, implementing, and managing security across Microsoft 365, Azure, and on-premises infrastructures. The ideal candidate will have deep expertise in Microsoft Security, cloud and on-premises security frameworks, identity and access management, and cybersecurity compliance standards.

Key Responsibilities:

1. Microsoft Cloud Security (Azure & Microsoft 365):

• Architect and implement cloud security frameworks following Zero Trust principles.
• Secure Azure resources, subscriptions, management groups, and tenants with strong governance.
• Deploy and manage security solutions: Microsoft Defender for Cloud, Endpoint, Identity, Office 365, Cloud Apps, and Microsoft Sentinel.
• Enforce compliance using Azure Policy, Blueprints, and RBAC.
• Protect workloads across Virtual Machines, App Services, Containers, AKS, Storage, and Databases.
• Implement Conditional Access, MFA, passwordless authentication, and identity protection.
• Conduct Cloud Security Posture Management (CSPM) and remediation of vulnerabilities.

2. Identity & Access Management (IAM):

• Design and manage Microsoft Entra ID / Azure AD architecture.
• Implement Hybrid Identity with AD Connect or Cloud Sync.
• Manage Privileged Identity Management (PIM, PAM), Identity Governance, Access Reviews, and Entitlement Management.
• Secure service principals and managed identities; monitor identity-based attacks.

3. On-Premises Security:

• Fortify Active Directory Domain Services (AD DS) and implement hardening measures.
• Apply tiered admin models, principle of least privilege, and secure GPOs.
• Secure Windows/Linux servers, file servers, and applications.
• Deploy endpoint security via Microsoft Defender for Endpoint.
• Implement patch management using WSUS and Microsoft Endpoint Manager.
• Enhance network security through firewalls, segmentation, DNS, and VPN integration.

4. Endpoint, Email & Collaboration Security:

• Ensure security for Windows, macOS, and mobile devices using Microsoft Intune.
• Configure device compliance, security baselines, and configuration profiles.
• Secure Exchange Online, SharePoint, Teams, and collaboration platforms with anti-phishing, anti-spam, Safe Links, and Safe Attachments.

5. Cybersecurity & CIS Controls:

• Implement CIS Benchmarks for Azure, M365, and Windows environments.
• Align with CIS Critical Security Controls (v8).
• Conduct risk assessments, gap analyses, and maintain documentation and SOPs.

6. Monitoring, Incident Response & Threat Management:

• Design Microsoft Sentinel use cases, develop analytics rules, and create playbooks.
• Lead security incident investigations and response actions.
• Perform threat hunting and forensic analysis.
• Collaborate with SOC, IT, and business teams for cohesive security management.

7. Compliance, Governance & Risk:

• Ensure adherence to ISO 27001, NIST, CIS, GDPR, HIPAA, and other relevant standards.
• Implement Microsoft Purview for DLP, information protection, and data lifecycle management.
• Conduct internal audits and remediation planning.

8. Automation & Continuous Improvement:

• Automate security operations using PowerShell, Azure Logic Apps, and Kusto Query Language (KQL).
• Continuously monitor and optimize security posture.
• Stay updated on Microsoft security roadmap and threat landscape.

Required Skills and Competencies:

Technical Skills:

• Expertise in Microsoft 365 Security & Compliance frameworks.
• Advanced knowledge of Azure Security & Networking.
• Hands-on experience with Microsoft Defender suite and Microsoft Sentinel.
• Strong understanding of Active Directory and Hybrid Identity.
• Experience with CIS Benchmarks and Controls.
• Scripting skills with PowerShell.

Soft Skills:

• Strong analytical and problem-solving capabilities.
• Clear communication and documentation skills.
• Collaboration with cross-functional teams.
• Security-first proactive mindset.

Experience Requirements:

• 8 12 years in IT Security, with focus on Microsoft Security environments.
• Proven experience in hybrid Microsoft infrastructures and security operations.

Preferred Certifications:

• Microsoft Security Operations Analyst (SC-200)
• Microsoft Identity and Access Administrator (SC-300)
• Microsoft Information Protection Administrator (SC-400)
• Microsoft Azure Security Engineer (AZ-500)
• CISSP, CISM, CCSP (preferred)

Reporting & Stakeholder Interaction:

• Reports to: Head of Security / CISO
• Collaborates with: IT Infrastructure, Cloud Services, SOC, Compliance, and Business Teams

Key Performance Indicators (KPIs):

• Reduction in security incidents
• Improvement in compliance posture
• Mean Time to Respond (MTTR) for incidents
• Security score enhancements (Defender / Secure Score evaluations)