
Job Description Microsoft Security Engineer
Team: Cyber Technology Advisory Services
Designation: Solution Specialist - MS Security
Job Role: Implement, configure, and support Microsoft security solutions with a strong focus on Microsoft 365 E5 Security and Microsoft XDR, ensuring secure-by-design deployments aligned with customer requirements and industry best practices.
Experience: 6 - 8 years total IT experience, with at least 4 years hands-on Microsoft Security implementation
Shifts: The resource may need to work Flexible Hours to provide extended support and be available on call when required.
Role Overview
The Microsoft Security Engineer will report to the Senior Director, Cyber Risk & Technology Advisory Services. This role is delivery-focused and hands-on, responsible for implementing, operationalising, and stabilising Microsoft security solutions across endpoint, identity, email, cloud applications, and servers, while enabling Microsoft XDR outcomes through Microsoft 365 Defender. The role works closely with architects, engineers, and client technical teams to ensure successful deployment, UAT, documentation, and operational readiness across enterprise and hybrid environments.
Responsibilities
Microsoft Security & XDR Delivery
Implement, configure, and optimise Microsoft 365 E5 Security components, including:
o Microsoft Defender for Endpoint
o Microsoft Defender for Office 365
o Microsoft Defender for Identity
o Microsoft Defender for Cloud Apps
o Microsoft Entra ID P2
o Microsoft Defender for Servers (Plan 1)
Operationalise Microsoft XDR by integrating detection, investigation, and response across endpoint, identity, email, and cloud application signals within Microsoft 365 Defender.
Perform solution onboarding, baseline hardening, tuning, and stabilisation across hybrid and enterprise environments.
Endpoint & Device Security (Microsoft Intune)
Design and manage Microsoft Intune configurations to support:
o Endpoint onboarding into Defender for Endpoint
o Device compliance and configuration profiles
o Security baselines and Conditional Access enforcement
Support environments with Azure AD joined, Hybrid Azure AD joined, and co-managed (SCCM + Intune) devices.
Troubleshoot device onboarding, compliance issues, and policy conflicts across Intune and Defender.
Identity & Access Security
Implement and tune Entra ID Conditional Access, MFA, Identity Protection, and Privileged Identity Management (PIM).
Support secure hybrid identity integration between on-premises Active Directory and Entra ID.
Translate access control requirements into enforceable identity security policies.
Delivery Governance & Knowledge Transfer
Conduct User Requirement Study (URS) workshops and support Security Requirement Specification (SRS) documentation.
Support module-based UAT execution and sign-off.
Produce technical documentation, configuration baselines, and operational runbooks.
Deliver structured knowledge transfer and hands-on walkthroughs to customer technical teams.
Operations & Collaboration
Support incident investigation, root cause analysis, and remediation activities related to Microsoft Security solutions.
Collaborate with internal architects, engineers, and SOC teams to ensure smooth handover to operations where applicable.
Participate in continuous improvement initiatives across Microsoft Security delivery frameworks.
Experience
6 - 8 years of relevant IT or cybersecurity experience.
Minimum 4 years hands-on experience implementing and supporting Microsoft Security solutions.
Proven experience with:
o Microsoft Defender for Endpoint, Office 365, Identity, Cloud Apps
o Microsoft Entra ID (Conditional Access, MFA, Identity Protection, PIM)
o Microsoft Defender for Servers
o Microsoft Intune (Endpoint Manager)
Experience operating in hybrid cloud and enterprise Microsoft 365 environments.
Exposure to cross-domain incident investigation and response within Microsoft 365 Defender (XDR context).
Familiarity with security frameworks such as ISO 27001, NIST, or CIS is an advantage.
Qualifications
Mandatory
Bachelor's degree in Computer Science, Information Technology, or related discipline.
Microsoft certifications (at least two):
o SC-200 Microsoft Security Operations Analyst
o SC-300 Identity and Access Administrator
o SC-400 Information Protection & Compliance Administrator
o AZ-900 Azure Fundamentals
Preferred
AZ-500 Azure Security Engineer Associate
MS-102 Microsoft 365 Administrator
MD-102 Endpoint Administrator
ITIL Foundation (advantageous)
Skills & Abilities
Strong hands-on expertise across Microsoft E5 Security and Microsoft XDR.
Solid understanding of endpoint, identity, email, and cloud application security integration.
Ability to translate requirements into practical, enforceable security configurations.
Strong troubleshooting, analytical, and documentation skills.
Effective communicator with the ability to engage technical and non-technical stakeholders.
Proactive, ownership-driven, and delivery-oriented mindset.
Willingness to work flexible hours and provide on-call support when required.
Performance Criteria
Successful delivery and stabilisation of Microsoft Security solutions aligned with agreed scope and SLAs.
Demonstrable improvement in security posture, visibility, and incident response effectiveness.
Accurate and up-to-date technical documentation and operational handover materials.
Positive contribution to Cyber Technology Advisory Services delivery objectives.
Job ID: 139041659