Description:
A company in Austin, TX is seeking a Security Engineer with expertise in Office 365 Security Administration & Microsoft Sentinel Administration. The ideal candidate will play a key role in managing security configurations, detecting threats, and ensuring compliance with industry standards.
Key Responsibilities:
Office 365 Security Administration:
- Configure and manage security settings for Office 365 services, including Exchange Online, SharePoint Online, Microsoft Teams, and OneDrive.
- Set up and maintain Azure Active Directory (AAD) security features such as Conditional Access policies, Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC).
- Implement Data Loss Prevention (DLP) policies, email encryption, and Microsoft Defender for Office 365 to mitigate security risks.
- Perform regular security assessments using tools like Secure Score and implement best practices for improved security posture.
- Troubleshoot and resolve Office 365 security-related issues while ensuring system efficiency.
Microsoft Sentinel Administration:
- Manage Microsoft Sentinel, including onboarding data sources (e.g., Office 365, Azure AD, third-party systems) and configuring connectors.
- Tune Sentinel detection rules and analytics using Kusto Query Language (KQL) to reduce false positives and enhance threat detection accuracy.
- Monitor security events and incidents through Sentinel dashboards, investigate anomalies, and coordinate incident response efforts.
- Develop automated playbooks for incident response using Azure Logic Apps integrated with Sentinel.
- Generate detailed security reports and metrics for management and compliance teams.
General Responsibilities:
- Collaborate with IT and security teams to align Office 365 and Sentinel security configurations with NIST, ISO 27001, and SOC 2 compliance standards.
- Stay updated on Microsoft security updates, emerging threats, and best practices to enhance security measures.
- Document security configurations, monitoring workflows, and tuning procedures for compliance and operational continuity.
Required Qualifications:
- 5-8 years of experience in IT administration, with at least 3 years focused on Office 365 security configuration and administration.
- 1-2 years of hands-on experience with Microsoft Sentinel administration, including tuning and monitoring in a production environment.
- Strong knowledge of Azure Active Directory (AAD), Conditional Access, MFA, and RBAC.
- Experience with Kusto Query Language (KQL) for security rule tuning.
- Ability to develop automated playbooks using Azure Logic Apps.