SME End Point Network and IPS Security

Endpoint, Network & IPS Security Subject Matter Expert

We are seeking a passionate Endpoint, Network & IPS Security SME to strengthen enterprise security across devices, identities, and network boundaries.

In this role, you will work extensively with Microsoft Defender for Endpoint, Intune, IPS technologies, NAC, firewalls, SASE, and secure web proxies—helping design and implement security controls that protect large‑scale enterprise environments.

While the core of this position centers on endpoint protection, network defense, and intrusion prevention, you will also support Microsoft Purview for data governance and compliance as part of a broader security ecosystem.

If you enjoy shaping security architecture, improving controls, and collaborating with technical experts across multiple domains, this role offers the opportunity to drive impactful change and grow your visibility as a security specialist.

Job Description:

Validate and support deployment of Microsoft Defender for Endpoint (MDE), ensuring protection, EDR, and hardening requirements are met.

Assist in planning, deploying, and maintaining Microsoft Intune policies for secure device management, compliance enforcement, and configuration baselines.

Support integration and continuous improvement of Intrusion Prevention Systems (IPS) across on‑premises and cloud network environments.

Review and support integration of Network Access Control (NAC) into the endpoint and network security ecosystem.

Implement and manage key Network Security technologies, including:

• Firewalls (Palo Alto, Fortinet, Cisco, Check Point)
• SASE platforms (Zscaler, Prisma Access, Netskope)
• Secure Web Proxy / URL Filtering (Zscaler, Forcepoint, Blue Coat/Symantec)
• IPS Platforms (Palo Alto Threat Prevention, Cisco Firepower IPS, Fortinet IPS)

Review and refine firewall rules, segmentation policies, and IPS signatures to strengthen network access security.

Monitor and respond to alerts in Microsoft 365 Defender, supporting incident investigation and remediation activities.

Experience with Microsoft Purview features such as Information Protection, DLP, Insider Risk, and Information Barriers, will be an added advantage.

Experience with Microsoft Secure Score for monitoring, analyzing, and improving enterprise security posture across Microsoft 365 services, will be an added advantage.

Build and maintain PowerShell scripts and KQL queries for automation, reporting, and threat hunting.

Support vulnerability management using Tenable or similar tools.

Prepare documentation and support operational handover after deployment.

Job Level required: Endpoint, Network & IPS Security Subject Matter Expert

Applies strong subject‑matter expertise in Endpoint Security, Network Security, and IPS to support enterprise protection and governance objectives.

Works independently on moderately complex to advanced tasks and contributes to cross-functional security initiatives.

Participates in design, implementation, and tuning of endpoint and network controls based on business and regulatory requirements.

Collaborates with IT, Network Engineering, Compliance, and SOC teams to ensure consistent enforcement, visibility, and threat prevention.

Supports junior engineers and contributes to internal process improvement and documentation efforts.

Technical Skills and Experience Required:

Essential Requirement:

1.    3–5 years of experience in endpoint security, network security, IPS operations, and/or Microsoft 365 security technologies.

2.    Strong understanding of endpoint protection, network security architecture, IPS/IDS concepts, Zero Trust principles, and data protection.

Required Technology Implementation Experience

(Experience in a minimum of 3 of the following is required)

1.    Microsoft Defender for Endpoint

2.    Microsoft Intune (Endpoint Management)

3.    Intrusion Prevention Systems (IPS) – Palo Alto, Cisco Firepower, Fortinet, etc.

4.    Network Access Control (NAC)

5.    Network Security Solutions, such as:

• Firewalls (Palo Alto, Fortinet, Check Point, Cisco)
• SASE (Zscaler, Prisma Access, Netskope)
• Secure Web Proxy / URL Filtering (Zscaler, Blue Coat/Symantec, Forcepoint)

6.    Microsoft Purview (Information Protection, DLP, Insider Risk) – secondary

7.    Microsoft 365 Defender Portal

8.    PowerShell scripting

9.    KQL for threat hunting and reporting

10. Tenable or other vulnerability management platforms