Cybersecurity Engineer I (MUIST HAVE AT LEAST 3 YEARS EXPERIENCE)

Position Summary

The Cybersecurity Engineer I supports the organization's security posture by assisting with technical issues related to Microsoft Defender (Endpoint, Identity, Cloud Apps, Office 365), Microsoft Sentinel, and Entra ID. You will help monitor, investigate, and resolve security alerts, identity access issues, and endpoint protection events-ensuring users and data remain secure across the organization.

Essential Duties and Responsibilities:

To perform this job successfully, an individual must be able to perform each essential function satisfactorily.

• Serve as Tier 1/2 escalation point for advanced Microsoft Defender issues (Endpoint, Identity, Cloud Apps, and Office 365).
• Assist in troubleshooting Conditional Access failures, MFA issues, suspicious sign-in activity, and identity protection alerts using Entra ID.
• Monitor and investigate alerts and incidents in Microsoft 365 Defender and Microsoft Sentinel, escalating complex incidents as needed.
• Support the tuning and implementation of security policies and controls (e.g., ASR rules, Safe Links/Attachments, app control policies).
• Support incident resolution related to endpoint onboarding, Defender policies, and sensor functionality.
• Document repeatable solutions and contribute to the internal knowledge base.
• Collaborate with Tier 3 engineers and escalate to Microsoft support when necessary.
• Assist in monitoring security alerts and responding to incidents.
• Support vulnerability scanning and patch management processes.
• Help maintain compliance with HIPAA Security Rule and related regulations.
• Contribute to risk assessments and document findings.
• Operate and maintain endpoint protection, firewalls, and SIEM systems.
• Assist in configuring and managing access controls and identity management solutions.
• Support development and maintenance of security policies and procedures.
• Document security configurations and incident response activities.
• Work with IT and compliance teams to implement security best practices.
• Participate in security awareness initiatives for staff.

Minimum Required Qualifications and Skills

• 2+ years in a Microsoft 365-focused support role, including 1+ years handling Tier 3 escalations.
• Hands-on experience with Microsoft Defender for Endpoint and Defender for Office 365 (Safe Links, Safe Attachments, Threat Policies).
• Basic troubleshooting knowledge of:
• Microsoft Entra ID (Conditional Access, MFA, Identity Protection)
• Defender for Identity / Cloud Apps
• Microsoft Sentinel (alert handling, incident response workflows)
• Experience working tickets in Microsoft Admin portals: M365 Security Center, Entra ID, Intune, and Sentinel.
• Proficiency with PowerShell for diagnostics and remediation.
• Exposure to Microsoft Purview compliance tools (DLP, eDiscovery, Insider Risk).
• Understanding of NIST CSF, CIS Controls, and HIPAA compliance requirements.
• Familiarity with security tools (antivirus, SIEM, vulnerability scanners).
• Exposure to cloud security (AWS, Azure) and healthcare technology environments.
• Knowledge of secure networking and identity management principles.