Senior Azure / Microsoft 365 Security Engineer

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Computer Science, Engineering, Information Systems, or equivalent experience.
• 7–10+ years of progressive experience in cybersecurity engineering, with deep hands‑on experience in Azure and Microsoft 365 security.
• Proven experience designing and operating enterprise‑scale cloud security controls.
• Strong experience integrating cloud platforms with SIEM/SOC operations.
• Advanced knowledge of Microsoft Entra ID, Conditional Access, PIM, RBAC, and identity threat protection.
• Expert‑level experience with Microsoft Defender (KQL, analytics rules, automation).
• Strong understanding of cloud security architecture, Zero Trust principles, and shared responsibility models.
• Ability to communicate complex security concepts to engineering teams and senior leadership.
• Familiarity with NIST CSF / NIST SP 800‑53 / ISO 27001 control frameworks.

Nice To Haves

• Microsoft Certified: Azure Security Engineer Associate (or successor).
• Microsoft SC‑100 (Cybersecurity Architect) or equivalent senior‑level certification.
• CISSP, CCSP, or GIAC cloud‑focused certifications.

Responsibilities

• Design and maintain secure Azure landing zone and subscription patterns, including management groups, policy enforcement, network segmentation, and secure service exposure.
• Define and enforce identity and access architecture using Microsoft Entra ID (Azure AD), RBAC, Conditional Access, Privileged Identity Management (PIM), and managed identities.
• Establish and maintain Zero Trust-aligned controls across Azure and Microsoft 365 workloads.
• Lead the design, deployment, and tuning of Microsoft Defender capabilities, including Defender for Cloud, Defender for Endpoint, Defender for Identity, Defender for Office 365, and Defender for Cloud Apps.
• Own secure configuration baselines, posture management, and remediation workflows aligned to Microsoft Secure Score and internal risk priorities.
• Partner with SecOps to reduce alert fatigue, improve signal‑to‑noise ratio, and enhance incident response workflows.
• Design and implement Microsoft Purview capabilities, including sensitivity labeling and information protection, Data Loss Prevention (DLP) across Exchange, SharePoint, OneDrive, and Teams, and records management and data lifecycle controls.
• Partner with Legal, Privacy, and Compliance teams to ensure data protection controls align with regulatory and business requirements.
• Define security standards, patterns, and guardrails that enable cloud and workplace teams to deploy securely by default.
• Review and influence Infrastructure‑as‑Code (ARM, Bicep, Terraform) and CI/CD pipelines to embed security controls early.
• Mentor junior engineers and act as a technical leader across Security Architecture & Engineering initiatives.

Benefits

• Commitment to the best professional development
• High-performance, empowering culture
• Opportunity to shape an industry with a market leader
• Opportunity to make a difference by helping improve oral health worldwide