Identity and GRC Security Engineer

About The Position

Requirements

• Bachelor’s degree in computer science, Information Technology or Business Management preferred but not required.
• Minimum three years of experience in enterprise information technology with a focus on engineering and security.

Nice To Haves

• CRISC, CISSP, CISM or similar security or risk certifications.
• Microsoft AZ-104, AZ-305, SC-200, SC-300, SC-500, AZ-500
• Strong with Microsoft Azure offerings.
• Strong with Microsoft desktop and server operating systems.
• Strong with security best practices from NIST, CIS, and PCI.
• Strong with practical application of security in an enterprise.
• Analytical and holistic thinking.
• Ethically and morally sound decision-making abilities.
• Demonstratable problem-solving skills.

Responsibilities

• Partner with technology and business teams to achieve and sustain compliance with internal and regulatory security requirements.
• Supports Identity and Access Management in a primarily Azure-first stack, including Entra, MFA, Conditional Access, PIM, RBAC.
• Owns security control functions including design, implementation, and monitoring of security controls and policy as code.
• Enhance existing SIEM functionality with governance engineering for change control, access revocation, and security monitoring.
• Continually improves security through adoption of new tooling, features, processes, and technology consolidations.
• Build incident response procedures, including analyzing, detection, containment, documentation, remediation, and improvement plans on an Azure-first tech stack.
• Other security engineering, governance, risk, compliance, or technology related duties as required.