Security Engineer (Ref 26505)

Responsibilities

• Design and govern enterprise identity security architecture 

• Administer Active Directory and ADFS operations

• Maintain Entra ID configurations and policies

• Monitor Azure AD Connect synchronization health

• Support SSO integrations (SAML, OAuth, OIDC)

• Enforce and troubleshoot Conditional Access policies

• Manage MFA enrollment and troubleshooting

• Monitor Azure Firewall logs and alerts

• Validate ExpressRoute security posture

• Review Private Endpoint and Private Link configurations

• Monitor Microsoft 365 security dashboards

• Manage and administer CyberArk EPM & PAM

• Administer Trend Micro email and endpoint security alerts

• Manage PKI certificate renewals and deployments

• Troubleshoot SSL and encryption issues

• Investigate medium-level security incidents

• Provide audit evidence and compliance reporting support

• Maintain updated security SOPs and documentation

• Participate in DR and security validation testing

• Escalate complex threats to L3 Security Engineer

Requirements

• Diploma/Degree in Computer Science, Information Technology, Engineering, or related disciplines.

• Proven experience in enterprise cybersecurity, with strong expertise in identity and access management (IAM), cloud security, privileged access management (PAM), and security governance.

• Hands-on experience administering and securing Active Directory, ADFS, Entra ID, Azure AD Connect, Single Sign-On (SSO), Conditional Access, Multi-Factor Authentication (MFA), and federated identity services.

• Strong knowledge of Microsoft Azure and Microsoft 365 security technologies, including Azure Firewall, ExpressRoute, Private Link, Zero Trust architectures, and cloud security best practices.

• Experience managing privileged access and endpoint security platforms, including CyberArk PAM/EPM, email security, endpoint protection, PKI, certificate lifecycle management, and encryption technologies.

• Proven ability to investigate and respond to security incidents, conduct root cause analysis, perform security posture assessments, and implement remediation strategies.

• Experience developing and enforcing security standards, hardening baselines, governance frameworks, compliance controls, and audit requirements within enterprise environments.

• Strong understanding of security frameworks, risk management, ISMS, regulatory compliance, and security architecture principles.

• Excellent stakeholder management, documentation, and communication skills, with experience providing executive-level reporting, leading security initiatives, and mentoring junior security team members.

Licence no: 12C6060