Microsoft Security Engineer

The Role 

We are seeking a skilled Security Engineer – Microsoft M365 Security with deep expertise in Microsoft 365 security technologies to design, implement, and optimize security controls across Microsoft Defender, Microsoft Purview, Microsoft Sentinel, and related Microsoft 365 platforms. This role plays a key part in advancing a Zero Trust security strategy, protecting identities, endpoints, and data, and ensuring compliance with regulatory and operational requirements, particularly within regulated environments. 

Responsibilities 

• You will implement, configure, and optimize Microsoft Defender capabilities, including antivirus, EDR, and XDR, across endpoints, identities, and cloud workloads. 

• You will secure endpoints using Microsoft Defender for Endpoint and monitor and improve endpoint security posture. 

• You will work on the migration of Symantec DLP to the Microsoft DLP and prevent data exfiltration. 

• You will support and enhance Microsoft Sentinel SIEM and SOAR capabilities, including detection rules, analytics use cases, and automation playbooks. 

• You will deploy, configure, and maintain Microsoft Purview solutions for data classification, data loss prevention, and compliance monitoring. 

• You will strengthen identity security using Entra ID capabilities such as Conditional Access, Identity Protection, and Zero Trust controls. 

• You will conduct security posture assessments and contribute to remediation plans and security improvement roadmaps. 

• You will support incident response activities, perform root cause analysis, and continuously improve threat detection and response capabilities. 

• You will ensure security controls and processes align with regulatory, audit, and compliance requirements applicable to financial institutions. 

• You will produce clear technical documentation, security reports, and recommendations for both technical and management stakeholders. 

Skills 

Required Skills 

• You should have a minimum of 5 years of experience in security engineering or security consulting with a strong focus on Microsoft 365 and Azure environments. 

• You should have handson experience with Microsoft Defender solutions, including Defender for Endpoint, Defender for Identity, Defender for Cloud, and XDR. 

• You should have handson experience configuring and operating Microsoft Sentinel SIEM and SOAR capabilities. 

• You should have handson experience with Microsoft Purview, including Information Protection, DLP, and compliance features. 

• You should have strong experience with Entra ID, including identity and access management, Conditional Access, and Identity Protection. 

• You should have experience managing endpoint security and compliance using Microsoft Intune. 

• You should have a strong understanding of security frameworks (Zero Trust, NIST, CIS) and their practical implementation. 

• You should have a strong understanding of identity and endpoint protection strategies. 

• You should have experience with incident response processes and threat detection methodologies. 

• You should have knowledge of risk management and regulatory compliance frameworks within the banking or financial services sector. 

• You should have experience working in enterprisescale and regulated environments. 

• You should have the ability to communicate complex security concepts clearly to both technical and nontechnical audiences. 

• You should have fluency in English, both written and spoken. 

Preferred Experience 

• You should have experience implementing Zero Trust architectures across Microsoft 365 and Azure environments. 

• You should have experience integrating Microsoft Sentinel with thirdparty security tools and data sources. 

• You should have experience tuning detection rules and reducing false positives in SIEM environments. 

• You should have experience supporting security audits, regulatory inspections, or compliance assessments. 

• You should have experience documenting security architectures and operational procedures. 

• You should have relevant Microsoft security certifications such as SC100, AZ500, SC200, or SC300. 

#LI-Hybrid