End User Services – Digital Workplace Security Engineer

Key Responsibilities

Security Engineering & Governance

• Implement and maintain security baselines across identity, endpoints, messaging, data, and collaboration workloads (Microsoft Security Baselines, CIS Benchmarks).

• Deploy, configure, and operationalize: Microsoft Defender XDR, Defender for Cloud (cloud & hybrid posture management), Microsoft Sentinel (SIEM/SOAR operations and automation).

• Develop, tune, and maintain: SIEM/SOAR use cases, Detection rules, KQL-based analytics, Automation playbooks.

• Lead security incident investigations from detection, containment, root-cause analysis and remediation across identity, endpoints, messaging, and email security.

• Implement and maintain Microsoft Purview governance controls: Retention & records management, eDiscovery (Standard & Premium), Audit & Insider Risk, Information Protection & DLP.

Modern Workplace Architecture & Engineering

• Design secure architectures across: Entra ID, AD DS, hybrid identity, Intune & ManageEngine Endpoint Central, Conditional Access, Zero Trust policies, Role-based access & identity governance.

• Architect secure and resilient messaging solutions: Exchange Online & Exchange Server, Mimecast (email security, threat protection, continuity)

• Lead implementation and modernization projects including:

  • Identity hardening & MFA/Conditional Access modernization

  • Endpoint standardization (security baselines, configuration policies)

  • Migration projects (identity, email, device, security platforms)

  • Defender XDR and SIEM modernization

  • ManageEngine platform rollout and optimization

• Conduct technical health checks, configuration assessments, risk evaluations, and environment hardening across all EUS technologies.

• undefined

Escalation, Operations & Service Reliability

• Serve as L3/L4 escalation authority for complex security, identity, endpoint, messaging, and cloud incidents.

• Ensure SLA compliance for P1/P2 incidents through advanced troubleshooting and root-cause analysis.

• Maintain operational reliability, security posture, and performance across all Digital Workplace platforms.

• Drive continuous improvement cycles to enhance availability, compliance alignment, and threat resilience.

• undefined

Presales, Advisory & Client Engagement

• Lead security-focused presales engagements including workshops, assessments, PoCs, and RFP technical responses.

• Produce secure, scalable solution architectures aligned with Microsoft security frameworks (Zero Trust, MCRA frameworks).

• Translate business risks and compliance requirements into actionable technical designs.

• Act as a trusted advisor on:

  • Cyber posture improvement

  • Microsoft security & compliance adoption

  • Governance & data protection

  • Workplace modernization strategies

• Participate in account planning with pre-sales teams.

KNOWLEDGE, SKILLS & ATTRIBUTES

Technical Competencies

• Strong experience with Microsoft Sentinel, SIEM/SOAR, and threat detection methodologies.

• Expertise across M365, Entra ID, AD DS, Intune, ManageEngine, Exchange, and email security platforms.

• Hands‑on experience with incident response, KQL, PowerShell, Python, and investigative analysis processes.

• Deep understanding of identity security, endpoint protection, hybrid identity, and Microsoft security stack.

PROFESSIONAL ATTRIBUTES

• Excellent communication, documentation, and stakeholder‑management skills.

• Able to translate complex security concepts for non‑technical audiences.

• Strong analytical mindset, detail‑oriented, and able to work in high‑pressure environments.

• Highly collaborative with cross‑functional teams (support, sales, presales, engineering).

QUALIFICATIONS & EXPERIENCE

• Bachelor’s degree in IT, Computer Science, Information Systems, or related field.

• 5+ years experience in cybersecurity, security operations, Modern Workplace engineering, or identity management.

• Prior experience in enterprise IT environments, SOC operations, or security engineering.

• Hands‑on experience architecting and supporting Modern Workplace technologies. 

PREFERRED CERTIFICATIONS:

• Microsoft Certified: Security Operations Analyst

• Microsoft Certified: Cybersecurity Architect

• Microsoft Certified: Identity & Access Administrator

• Microsoft 365 Enterprise Administrator Expert

• Microsoft 365 Certified: Azure Security Engineer Associate,

• Microsoft 365 Certified:  Information Protection Administrator Associate

• CISSP / CISM (added advantage)

• ManageEngine, Mimecast, or SIEM/SOAR certifications (bonus)