Compare your current skills to what this opportunity needs—we'll show you what you already have and what could strengthen your application.
Job Description
General Description The Security Engineer plays a key role in protecting NorthWinds Technology Solutions, its affiliated companies, and its clients by designing, implementing, and maintaining enterprise security solutions. This position focuses heavily on the Microsoft security ecosystem, including endpoint protection, identity security, and related capabilities. This role is responsible for strengthening the organization's security posture through proactive monitoring, detection, and response, while working cross-functionally with infrastructure, cloud, and application teams. The Security Engineer will also participate in vulnerability management, incident response, and the ongoing evolution of security architecture and controls. Core Responsibilities Security Operations & Monitoring Monitor, investigate, and respond to security alerts across Microsoft security and other platforms (Purview, Defender suite, SIEM, Entra ID) Analyze logs and telemetry to identify suspicious activities and potential threats Support incident response activities, including containment, eradication, and root cause analysis Maintain and improve detection rules, analytics, and alert tuning
Microsoft Security Platform Administer and Optimize:
Microsoft Defender for Endpoint, Identity, Cloud Apps, and Office 365 Microsoft Entra ID (Azure AD) security controls and tools Microsoft Purview controls and tools Additional responsibilities: Develop and maintain automated workflows and playbooks Integrate Microsoft security tools with other enterprise systems Vulnerability & Risk Management Conduct vulnerability assessments and coordinate remediation efforts Partner with infrastructure and application teams to prioritize and mitigate risks Contribute to risk tracking, reporting, and audit readiness (SOC 2, HIPAA, etc.) Architecture & Engineering Work with the Security Architect to identify and recommend improvements to enterprise security architecture Assist with the implementation of security controls across cloud (Azure/AWS) and on-premises environments Support identity and access management initiatives, including MFA, conditional access, and least privilege Compliance & Governance Assist with audits, security reviews, and third-party assessments Ensure alignment with organizational security policies and regulatory requirements Provide input into security standards, procedures, and documentation Collaboration & Enablement Work closely with infrastructure, network, and application teams to embed security controls Provide technical guidance and support for security best practices Help drive security awareness across engineering teams Key Skills Identity and access management (IAM) Network security fundamentals (TCP/IP, firewalls, segmentation, switching, and routing) Windows and cloud security principles SIEM platforms and operations Experience with vulnerability management and remediation processes Familiarity with security frameworks and compliance standards (SOC 2, HIPAA, NIST, CIS) AWS networking, security configuration, and tools Strong analytical, troubleshooting, and problem-solving skills Linux terminal and PowerShell experience Copilot administration and machine learning familiarity Effective communication and collaboration skills Key Characteristics Detail-oriented and proactive in identifying and mitigating risks Strong ownership mindset with the ability to drive security initiatives forward Collaborative, team-first approach across infrastructure and security functions Continuous learner who stays up to date on evolving threats and technologies Required Qualifications 3-5 years of experience in cybersecurity, security engineering, or security operations Hands-on experience with Microsoft security technologies, including: Microsoft Defender suite (Endpoint, Identity, Cloud Apps, Office 365) Microsoft Entra ID (Azure AD) security features and Intune administration Experience with endpoint detection and response (EDR/XDR) and SIEM platforms Preferred Qualifications Microsoft certifications (SC-200, SC-300, AZ-500, or equivalent) Experience with automation and scripting (PowerShell, Python) Exposure to cloud security (Azure and/or AWS) Experience implementing conditional access policies and Zero Trust principles Knowledge of threat intelligence and detection engineering Work Conditions Participation in an on-call rotation may be required Primarily remote work environment Limited travel (<5%) Experience Required 3 year(s): Experience with endpoint detection and response (EDR/XDR) and SIEM platforms 3 year(s): Hands-on experience with Microsoft security technologies, including: o Microsoft Defender suite (Endpoint, Identity, Cloud Apps, Office 365) o Microsoft Entra ID (Azure AD) security features and Intune administration 3 - 5 years: Experience in cybersecurity, security engineering, or security operations Education Preferred Bachelors or better in Information Technology or related field Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights (https://www.eeoc.gov/poster) notice from the Department of Labor.
