IT Security Engineer – Microsoft 365 Cloud/Azure

About The Position

Requirements

• Strong experience securing Microsoft 365 and Azure cloud environments.
• Hands-on experience with Microsoft security tools, including Microsoft Defender (Endpoint, Office 365, Identity, Cloud), Microsoft Sentinel, Microsoft Purview (DLP, sensitivity labels, compliance policies)
• Solid understanding of identity and access management using Microsoft Entra ID.
• Familiarity with HIPAA and healthcare regulatory requirements, particularly related to safeguarding ePHI.
• Experience supporting audits, risk assessments, and compliance initiatives.
• Excellent understanding of security best practices for cloud first and remote workforce environments.
• Experience using PowerShell for automation, reporting, or security operations tasks.
• Ability to analyze security alerts, logs, and telemetry across Microsoft platforms.
• Strong analytical and problem solving abilities.
• Excellent written and verbal communication skills, including the ability to explain security concepts to non-technical stakeholders.
• Ability to balance security, usability, and compliance in a healthcare environment.
• 3+ years in security engineering or cloud security roles.
• Experience with incident response, SIEM tools, and security compliance frameworks.

Nice To Haves

• Working knowledge of networking fundamentals, including TCP/IP, DNS, HTTPS, VPNs, and secure connectivity concepts
• Familiarity with modern / next generation firewall platforms, including policy based rules, application awareness, logging, and monitoring
• Experience collaborating with infrastructure or network teams on firewall rules, secure access design, or cloud network controls
• Exposure to Azure networking concepts such as V Nets, private endpoints, and service endpoints
• Microsoft Certified: Security Operations Analyst Associate
• Microsoft Certified: Identity and Access Administrator Associate
• Microsoft Certified: Cybersecurity Architect Expert

Responsibilities

• Design, implement, and maintain security controls across Microsoft 365 and Azure to protect organizational systems, users, and electronic Protected Health Information (ePHI).
• Configure and manage Microsoft Entra ID (Azure AD) security features, including Conditional Access, Multi-Factor Authentication (MFA), Identity Protection, and role-based access control (RBAC).
• Support secure access for a distributed workforce.
• Deploy and manage Microsoft Defender solutions, including Defender for Endpoint, Defender for Office 365, Defender for Identity, and Defender for Cloud.
• Monitor, investigate, and respond to security alerts and incidents using Microsoft Sentinel and Defender portals.
• Perform incident triage, root cause analysis, containment, and remediation, with appropriate documentation and post incident review.
• Implement and maintain Data Loss Prevention (DLP), sensitivity labels, and information protection policies using Microsoft Purview.
• Support HIPAA Security Rule requirements by helping ensure appropriate administrative and technical safeguards are in place to protect ePHI.
• Assist with internal and external audits, risk assessments, and compliance reviews.
• Support the secure and compliant use of AI enabled capabilities, including Microsoft and third party AI tools, with attention to data access, retention, and privacy controls.
• Participate in the security and privacy evaluation of IT products, including AI powered solutions, before and after adoption.
• Help assess risks related to data exposure, access boundaries, logging, and regulatory compliance for emerging technologies.
• Work closely with IT operations, compliance, clinical operations, and leadership to align security controls with business and regulatory needs.
• Maintain clear documentation of security standards, configurations, and procedures.
• Stay current on Microsoft security capabilities, healthcare security guidance, and evolving threats.