Microsoft Security Engineer

Location: Cyberjaya, Malaysia

Team: Cyber Technology Services

Designation: Microsoft Security Engineer

Employer: vCyberiz Sdn Bhd

Experience: 68 years total IT experience, with at least 4 years hands-on Microsoft Security implementation

Job Role

Implement, configure, and support Microsoft security solutions with a strong focus on Microsoft 365 E5 Security and Microsoft XDR, ensuring secure-by-design deployments aligned with customer requirements and industry best practices.

Role Overview

The MS Security Specialist will report to the Senior Director, Cyber Risk & Technology Advisory Services.

This role is delivery-focused and hands-on, responsible for implementing, operationalizing, and stabilizing Microsoft security solutions across endpoint, identity, email, cloud applications, and servers, while enabling Microsoft XDR outcomes through Microsoft 365 Defender.

The role works closely with architects, engineers, and client technical teams to ensure successful deployment, UAT, documentation, and operational readiness across enterprise and hybrid environments.

Responsibilities

Microsoft Security & XDR Delivery

• Implement, configure, and optimise Microsoft 365 E5 Security components, including:
• Microsoft Defender for Endpoint
• Microsoft Defender for Office 365
• Microsoft Defender for Identity
• Microsoft Defender for Cloud Apps
• Microsoft Entra ID P2
• Microsoft Defender for Servers (Plan 1)
• Operationalise Microsoft XDR by integrating detection, investigation, and response across endpoint, identity, email, and cloud application signals within Microsoft 365 Defender.
• Perform solution onboarding, baseline hardening, tuning, and stabilisation across hybrid and enterprise environments.

Endpoint & Device Security (Microsoft Intune)

• Design and manage Microsoft Intune configurations to support:
• Endpoint onboarding into Defender for Endpoint
• Device compliance and configuration profiles
• Security baselines and Conditional Access enforcement
• Support environments with Azure AD joined, Hybrid Azure AD joined, and co-managed (SCCM + Intune) devices.
• Troubleshoot device onboarding, compliance issues, and policy conflicts across Intune and Defender.

Identity & Access Security

• Implement and tune Entra ID Conditional Access, MFA, Identity Protection, and Privileged Identity Management (PIM).
• Support secure hybrid identity integration between on-premises Active Directory and Entra ID.
• Translate access control requirements into enforceable identity security policies.

Delivery Governance & Knowledge Transfer

• Conduct User Requirement Study (URS) workshops and support Security Requirement Specification (SRS) documentation.
• Support module-based UAT execution and sign-off.
• Produce technical documentation, configuration baselines, and operational runbooks.
• Deliver structured knowledge transfer and hands-on walkthroughs to customer technical teams.

Operations & Collaboration

• Support incident investigation, root cause analysis, and remediation activities related to Microsoft Security solutions.
• Collaborate with internal architects, engineers, and SOC teams to ensure smooth handover to operations where applicable.
• Participate in continuous improvement initiatives across Microsoft Security delivery frameworks.

Experience

• 6 - 8 years of relevant IT or cybersecurity experience.
• Minimum 4 years hands-on experience implementing and supporting Microsoft Security solutions.
• Proven experience with:
• Microsoft Defender for Endpoint, Office 365, Identity, Cloud Apps
• Microsoft Entra ID (Conditional Access, MFA, Identity Protection, PIM)
• Microsoft Defender for Servers
• Microsoft Intune (Endpoint Manager)
• Experience operating in hybrid cloud and enterprise Microsoft 365 environments.
• Exposure to cross-domain incident investigation and response within Microsoft 365 Defender (XDR context).
• Familiarity with security frameworks such as ISO 27001, NIST, or CIS is an advantage.

Qualifications

Mandatory

• Bachelor's degree in Computer Science, Information Technology, or related discipline.
• Microsoft certifications (at least two):
• SC-200 Microsoft Security Operations Analyst
• SC-300 Identity and Access Administrator
• SC-400 Information Protection & Compliance Administrator
• AZ-900 Azure Fundamentals

Preferred

• AZ-500 Azure Security Engineer Associate
• MS-102 Microsoft 365 Administrator
• MD-102 Endpoint Administrator
• ITIL Foundation (advantageous)

Skills & Abilities

• Strong hands-on expertise across Microsoft E5 Security and Microsoft XDR.
• Solid understanding of endpoint, identity, email, and cloud application security integration.
• Ability to translate requirements into practical, enforceable security configurations.
• Strong troubleshooting, analytical, and documentation skills.
• Effective communicator with the ability to engage technical and non-technical stakeholders.
• Proactive, ownership-driven, and delivery-oriented mindset.
• Willingness to work flexible hours and provide on-call support when required.

Performance Criteria

• Successful delivery and stabilization of Microsoft Security solutions aligned with agreed scope and SLAs.
• Demonstrable improvement in security posture, visibility, and incident response effectiveness.
• Accurate and up-to-date technical documentation and operational handover materials.
• Positive contribution to Cyber Technology Services delivery objectives.