Senior Microsoft Security Engineer

Summary

The Senior Microsoft Security Engineer will be responsible for identifying potential threats to the IT infrastructure, recommending enhancements accordingly and implementing those technologies. The Senior Microsoft Security Engineer provides support to ensure applicable information protection policies, procedures, guidelines, best practices are followed. Performs Security Risk Assessments (SRAs) and performs compliance reviews to ensure applications and servers are operating in accordance with established policies and procedures.

Duties and Responsibilities

• Fully leverage the educational institutions Microsoft A5 license suite of products
• Lead the educational institutions Microsoft security "cloud first" strategy
• Design, implement, and maintain Microsoft security solutions
• Ensure that Microsoft operating systems are configured securely
• Manage the configuration and effective use of Microsoft security products
• Collaborate with Infrastructure/ITSM/Technical teams
• Stay up-to-date with the latest security threats and industry trends
• Serve as a security expert in network efforts
• Lead and execute projects on our security roadmap
• Adhere to existing risk management frameworks
• Manage incident response for network security events
• Develop and maintain IT security policies
• Research, design, and advocate new technologies
• Support vulnerability assessments
• Execute risk and vulnerability assessments and remediation activities
• Review and provide feedback on security plans and procedures
• Build/enhance security architecture
• Review in-house and 3rd-party applications/code for security vulnerabilities
• Participate in Software Development Lifecycle
• Develop and/or implement automated security testing tools
• Train engineers on common security problems
• Provide security input on overall software architecture
• Perform hands-on testing of applications

Skills

• Secure solutions development
• Middleware security
• n-tier apps dev infrastructure
• Compliance - PCI, GLB, GLBA, CMMC, GDPR, etc.
• Risk management and security risk assessments
• Code review, reverse engineering
• API's and protocols
• Authentication and authorization. SSO, MFA

Education & Experience Requirements

10 years or more of professional experience with 7 or more years in IT security. Must have knowledge of IT security technologies. Hands-on experience with enterprise system administration, IPS management, vulnerability scanning, Splunk. Bachelor's degree preferred. At least one professional security certification such as CISSP, CISM, CISA or similar.