Sr Engineer, IT Security (NTD)

About The Position

Requirements

• 8+ years in enterprise IT/Security engineering with deep hands-on experience in: M365 administration, IAM operations, or endpoint security.
• Expert-level experience with:
• M365 & Entra ID: Conditional Access, MFA/SSPR, PIM/PAM, app registrations, service principals, identity lifecycle.
• Endpoint Security: CrowdStrike Falcon or equivanet (policy design, RTR, detection tuning) across Win/macOS/Linux.
• Logging/SIEM: Splunk or equivalent (search, dashboards, alerting, detection engineering).
• Strong automation skills: PowerShell (Graph modules), Python, REST/Graph APIs; CI/CD and version control (Git).
• Proven track record delivering secure baselines at scale (Intune/Jamf/MDM), and leading incident response involving identity and endpoints.
• Deep understanding of Zero Trust, least privilege, RBAC, token flows (OAuth/OIDC), and modern auth (MSAL).
• Experience with compliance control design and audit support.
• Experience mentoring others and cultivating technical breadth and depth on a team.
• Bachelor or Master of Science degree in Engineering, Information Technology, or related field; or equivalent combination of education and experience.

Nice To Haves

• Fluency in Japanese a plus.

Responsibilities

• Implement and optimize Microsoft Entra Conditional Access, tenant security defaults, privileged access policies, and MFA/SSPR at scale.
• Operate and harden Microsoft Entra ID (Azure AD): lifecycle governance, automated provisioning/deprovisioning, privileged identities (PIM), app registrations, consent/permission reviews.
• Build and maintain RBAC/least-privilege access models for cloud and SaaS apps; implement Just-In-Time access for admins and sensitive roles.
• Integrate HRIS and identity sources for Joiner-Mover-Leaver flows, enforce identity proofing and MFA step-up for high-risk transactions.
• Design and enforce data governance (labels, DLP, retention, eDiscovery/Legal Hold, insider risk signals) and collaboration controls (external sharing, guest access, B2B/B2C).
• Establish monitoring/alerting/SLAs for tenant and identity related services; lead incident response and help develop IR playbooks in conjunction with IT Security Operations.
• Own the migration from an existing endpoint management system to a more robust solution, such as the CrowdStrike Falcon platform, for all endpoints: sensor deployment/coverage, policy tuning, RTR workflows, and threat hunting guardrails.
• Lead efforts with platform engineers for OS-specific hardening baselines (CIS/NIST) and secure configuration: BitLocker/FileVault/LUKS, kernel extension/driver policies, local admin control, application allow/deny lists.
• Lead incident triage and response on endpoints, including containment, forensic collection, and post-incident hardening.
• Build and operationalize Splunk detections and dashboards integrating M365, Entra, CrowdStrike, Defender, Intune, and OS logs.
• Develop automated response playbooks to reduce MTTR.
• Create robust automation and self-service tooling for identity and endpoint operations.
• Maintain IaC for policy-as-code (e.g. Conditional Access, PIM role settings).
• Document runbooks, architecture diagrams, inventories, and SOPs; mentor engineers and drive operational maturity.
• Map controls to regulatory frameworks (SOX, J-SOX etc.); support audits with evidence and narratives.
• Lead periodic access reviews, admin entitlement recertification, and break-glass account governance.
• Conduct tabletop exercises, disaster recovery testing, and security drills tied to identity and endpoint scenarios.

Benefits

• potential for a semi-annual discretionary performance bonus
• a comprehensive benefits package that includes medical, dental, vision, 401(k), and paid time off