Our client is in the shipping and logistics business. They are seeking a full-time Sr. Microsoft Security Engineer. This role will sit in the NYC office 3 days a week. Salary up to $160k plus bonus DOE.
Senior-level MIS Security position with a primary responsibility of resolving security-based issues, alerts, and troubleshooting. Work may include incident management and documentation; monitoring alerts, hunting, advisories, and bulletins as required; and innovation. Analyze technological and architectural upgrades/modifications to the Information Systems Security architecture and help develop technical recommendations. Other IT security-related tasks are also involved, as well as special project involvement based on demonstrated ability.
Create and maintain Microsoft O365 Suite Policies and MDM Policies
Work with Management, IT, and Security staff as needed on O365 solutions to ensure security guidelines are followed within the team's supported products.
Identify, manage, and escalate technical issues pertaining to O365.
Monitor and recommend improvements to Azure Policies.
Monitor, recommend improvements to, and maintain documentation on Azure Security Policies and any other security-related Azure product.
Work with IT and Security staff to maintain security through Log Analytics, Azure Sentinel, Security Center, and Microsoft Endpoint Management Security baselines.
Identify, manage, and escalate technical issues pertaining to Azure configurations.
Provide guidance and expertise in the field of risk management regarding the protection and security of digital assets in the cloud and on premises.
Maintain and improve information security policies and procedures; develop security guidelines and safe practices for computing and networking systems and maintain the documentation.
Manage, maintain, and monitor security technologies such as vulnerability scanning solutions, IDS/IPS, antivirus technologies, SIEM technologies, host forensics and malware analysis, web application firewalls and proxy solutions.
Manage real-time threat detection technologies to identify and quarantine threats; monitor endpoint security alerts and take corrective action.
Monitor internal control systems to ensure appropriate access levels are maintained, protect against unauthorized system access, modification and destruction.
Create and review vulnerability reports; track compliance with vulnerability management policies and procedures in accordance with established ISO 27001:2013 guidelines.
Test security controls and manage the associated remediation of any deficiencies as needed.
Assess security information, triage and respond to security events, identify false positives, and conduct correlation analysis across numerous internal and external data sources while prioritizing information security incidents.
Manage incident-handling processes, which include implementation of containment, protection, and remediation activities.
Coordinate the handling and resolution of security incidents, including system intrusions and abuse, and act as a primary point of contact.
Develop responses to internal & external audits, penetration tests and vulnerability assessments.
Support Information Security training and awareness by providing ideas and content; assist HR with employee security awareness education and training.
Experience:
5+ years of Office 365 and Azure engineering experience with a focus on security
In-depth understanding of Microsoft operating systems and their security, with a specific focus on Microsoft Exchange
In-depth understanding of networking, systems, Azure architecture and security.
Scripting experience with PowerShell, SQL, IDS/IPS.
Knowledge of MFA architectures, O365 architecture and email security, and Azure.
Understanding of DevSecOps principles