M365 Security Engineer

Vertiv, Westerville, OH
1d

About The Position

We are seeking an experienced M365 Security Engineer to design, implement, and maintain security controls across our Microsoft 365 environment. This role will be responsible for protecting our organization's cloud-based infrastructure, ensuring compliance with security policies, and responding to security incidents affecting Microsoft 365 services. The ideal candidate will have deep technical expertise in Microsoft security technologies and a strong understanding of enterprise security best practices. M365 security is a critical initiative for Vertiv. The position requires the applicant to act like an owner: to take initiative, build and document processes, and engage with business stakeholders. The role requires working across multiple departments and business units to provide oversight and guidance for each business use case.

Requirements

  • Technical is required, as is familiarity with SIEM platforms and security monitoring tools.
  • Degree in Engineering, Computer Science or a related discipline. Equivalent combination of course work and job experience
  • 4-6 years’ experience working in an information security discipline
  • 2-3 years’ experience working in M365 security administration
  • Strong technical knowledge of Microsoft 365 security architecture
  • Experience with Microsoft Defender suite, Entra security features, and Microsoft Purview compliance solutions
  • Implementation and management experience around identity and access management solutions, including multi-factor authentication, conditional access policies, and privileged identity management
  • Ability to conduct security assessments and implement remediation plans
  • Strong proficiency with PowerShell scripting for automation and security management
  • Experience and proficiency utilizing git for SCM
  • Direct involvement with security incident response processes and demonstrated ability to analyze security logs and identify threats
  • Excellent written and verbal communication skills with the ability to present complex technical information in a clear and concise manner to a variety of audiences
  • Experience working with on-site and off-site development teams, coordinating work, expectations, and delivery.
  • Experience with O365 and integrating with Azure
  • Cloud security posture management (CSPM) experience
  • Vulnerability management, detection, and remediation
  • Cloud Detection and Response (CDR)
  • Understanding of security frameworks and compliance requirements such as NIST, ISO 27001, SOC 2
  • Strong understanding of manufacturing domain preferred
  • Understanding of web application firewalls, endpoint protection platforms, and vulnerability management solutions
  • Possesses and demonstrates curiosity
  • Ability to proactively identify opportunities for process and efficiency improvements
  • Demonstrates excellent communication skills to both technical and non-technical personnel
  • Demonstrate strong analytical and problem-solving skills with the ability to investigate complex security issues
  • Possess the art of negotiation to drive to end state needs
  • Ability to clearly articulate and drive alignment across multiple teams and departments
  • Ability to create and describe project estimations with assumptions and risks
  • Ability to work in a fast-paced environment while managing multiple responsibilities
  • Executes with limited to no supervision; self-motivated and self-directed
  • Commitment to continuous learning and staying current with evolving security threats and Microsoft platform updates

Nice To Haves

  • Additional experience with enterprise security tools including would be advantageous.
  • Knowledge of regulatory compliance requirements such as GDPR, HIPAA, or PCI-DSS and experience with security automation and orchestration tools or SOAR platforms would strengthen your candidacy.
  • Microsoft 365 Certified: Security Administrator Associate (MS-500)
  • Microsoft Certified: Security Operations Analyst Associate (SC-200)
  • Microsoft Certified: Identity and Access Administrator Associate (SC-300)
  • Azure Security Engineer Associate (AZ-500)
  • Microsoft Certified: Cybersecurity Architect Expert (SC-100)
  • Security+ (CompTIA)
  • CCSP (ISC2)

Responsibilities

  • Implement and manage security solutions across our Microsoft 365 ecosystem, including Entra, Exchange Online, SharePoint, Teams, Purview, and related services.
  • Implement and maintain Microsoft Defender suite products including Defender for Endpoint, Defender for Office 365, and Defender for Cloud Apps, working to detect and respond to security threats across our environment.
  • Manage identity and access management through Entra, implementing conditional access policies, managing privileged access, and integrating with our enterprise identity solution Entra.
  • Configure and maintain Data Loss Prevention (DLP) policies and information protection and governance solutions, and ensure sensitive data is properly classified and protected throughout its lifecycle.
  • Configure and tune security alerts, investigate suspicious activities, conduct threat hunting exercises, and coordinate response efforts for security incidents affecting M365 services. This includes working with Microsoft Purview for compliance monitoring, audit log analysis, and eDiscovery when needed for investigations.
  • Collaborate with security operations, compliance teams, and application owners to ensure security controls are properly implemented without disrupting business operations. This includes evaluating new M365 features for security implications, participating in architecture reviews, and providing guidance on secure configuration practices.

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Number of Employees

5,001-10,000 employees

© 2024 Teal Labs, Inc