Senior Microsoft Security Engineer

Key Responsibilities

• Deploy, configure, and maintain core Microsoft security technologies, including Azure Networking Security components (Azure Firewall, NSGs, Azure WAF) and Entra ID services (Conditional Access, PIM, Entra Private Access). 
• Execute the onboarding and fine-tuning of the Microsoft Defender suite (e.g., Defender for Endpoint, Defender for Cloud, Defender for Office 365) across customer environments. 
• Implement and manage Microsoft Sentinel for security information and event management (SIEM), including connector deployment, playbook automation, and custom rule creation. 

• Implement and configure Microsoft Purview capabilities, including Data Loss Prevention (DLP) policies, Information Protection (sensitivity labels, encryption), and records management features. 
• Configure eDiscovery, communication compliance, and audit log settings within Purview to meet regulatory and data protection requirements (e.g., GDPR, ISO 27001). 
• Define and apply data classification schemes and retention policies across various data sources using Purview tools. 

• Implement and manage Microsoft Intune policies for endpoint security, compliance, and device configuration. 
• Configure advanced Identity and Access Management (IAM) solutions within Entra ID, focusing on least privilege principles and identity governance. 

• Perform security hardening and ensure operational compliance through the implementation of Azure Policy, and resource locks. 
• Produce clear, detailed, and up-to-date technical runbooks, configuration guides, and "as-built" documentation for all implemented security and compliance solutions. 

Skills, Knowledge and Expertise

• 10 years plus experience in identity and security technologies.
• Deep, hands-on experience with the deployment and configuration of Microsoft Azure security services (Azure Policy, Network Security, Key Vault) and E5 Security. 
• Expert proficiency in configuring and managing Entra ID (formerly Azure AD), including advanced features like Conditional Access Policies, PIM, MFA, and SSO integrations. 
• Proven implementation experience with the Microsoft Defender Suite and Microsoft Sentinel. 
• Practical hands-on experience implementing Microsoft Purview, specifically configuring DLP policies, sensitivity labeling, and retention labels. 
• Strong practical knowledge of managing security controls for Windows and mobile endpoints using Microsoft Intune. 

• Excellent ability to follow detailed technical implementation plans and execute tasks efficiently. 
• Strong troubleshooting and analytical skills to diagnose and resolve complex technical security and compliance issues. 
• Meticulous attention to detail in technical configuration and "as-built" documentation. 

• Current Microsoft certifications such as AZ-500 (Azure Security Engineer Associate), SC-200 (Microsoft Security Operations Analyst), or SC-400 (Microsoft Information Protection Administrator). 
• Practical experience applying security and compliance frameworks such as ISO 27001 or NIST during implementation. 
• Familiarity with automation and scripting tools (e.g., PowerShell, Azure CLI, ARM/Bicep templates) to streamline deployments.