General Description
The Security Engineer plays a key role in protecting NorthWinds Technology Solutions, its affiliated companies, and its clients by designing, implementing, and maintaining enterprise security solutions. This position focuses heavily on the Microsoft security ecosystem, including endpoint protection, identity security, and related capabilities.
This role is responsible for strengthening the organization’s security posture through proactive monitoring, detection, and response, while working cross-functionally with infrastructure, cloud, and application teams. The Security Engineer will also participate in vulnerability management, incident response, and the ongoing evolution of security architecture and controls.
Core Responsibilities
Security Operations & Monitoring
- Monitor, investigate, and respond to security alerts across Microsoft security and other platforms (Purview, Defender suite, SIEM, Entra ID)
- Analyze logs and telemetry to identify suspicious activities and potential threats
- Support incident response activities, including containment, eradication, and root cause analysis
- Maintain and improve detection rules, analytics, and alert tuning
Microsoft Security Platform
Administer and Optimize:
- Microsoft Defender for Endpoint, Identity, Cloud Apps, and Office 365
- Microsoft Entra ID (Azure AD) security controls and tools
- Microsoft Purview controls and tools
Additional responsibilities:
- Develop and maintain automated workflows and playbooks
- Integrate Microsoft security tools with other enterprise systems
Vulnerability & Risk Management
- Conduct vulnerability assessments and coordinate remediation efforts
- Partner with infrastructure and application teams to prioritize and mitigate risks
- Contribute to risk tracking, reporting, and audit readiness (SOC 2, HIPAA, etc.)
Architecture & Engineering
- Work with the Security Architect to identify and recommend improvements to enterprise security architecture
- Assist with the implementation of security controls across cloud (Azure/AWS) and on-premises environments
- Support identity and access management initiatives, including MFA, conditional access, and least privilege
Compliance & Governance
- Assist with audits, security reviews, and third-party assessments
- Ensure alignment with organizational security policies and regulatory requirements
- Provide input into security standards, procedures, and documentation
Collaboration & Enablement
- Work closely with infrastructure, network, and application teams to embed security controls
- Provide technical guidance and support for security best practices
- Help drive security awareness across engineering teams
Key Skills
- Identity and access management (IAM)
- Network security fundamentals (TCP/IP, firewalls, segmentation, switching, and routing)
- Windows and cloud security principles
- SIEM platforms and operations
- Experience with vulnerability management and remediation processes
- Familiarity with security frameworks and compliance standards (SOC 2, HIPAA, NIST, CIS)
- AWS networking, security configuration, and tools
- Strong analytical, troubleshooting, and problem-solving skills
- Linux terminal and PowerShell experience
- Copilot administration and machine learning familiarity
- Effective communication and collaboration skills
Key Characteristics
- Detail-oriented and proactive in identifying and mitigating risks
- Strong ownership mindset with the ability to drive security initiatives forward
- Collaborative, team-first approach across infrastructure and security functions
- Continuous learner who stays up to date on evolving threats and technologies
Required Qualifications
- 3–5 years of experience in cybersecurity, security engineering, or security operations
- Hands-on experience with Microsoft security technologies, including:
- Microsoft Defender suite (Endpoint, Identity, Cloud Apps, Office 365)
- Microsoft Entra ID (Azure AD) security features and Intune administration
- Experience with endpoint detection and response (EDR/XDR) and SIEM platforms
Preferred Qualifications
- Microsoft certifications (SC-200, SC-300, AZ-500, or equivalent)
- Experience with automation and scripting (PowerShell, Python)
- Exposure to cloud security (Azure and/or AWS)
- Experience implementing conditional access policies and Zero Trust principles
- Knowledge of threat intelligence and detection engineering
Work Conditions
- Participation in an on-call rotation may be required
- Primarily remote work environment
- Limited travel (<5%)
Required
-
3 year(s): Experience with endpoint detection and response (EDR/XDR) and SIEM platforms
-
3 year(s): Hands-on experience with Microsoft security technologies, including: o Microsoft Defender suite (Endpoint, Identity, Cloud Apps, Office 365) o Microsoft Entra ID (Azure AD) security features and Intune administration
- 3 - 5 years: Experience in cybersecurity, security engineering, or security operations
Preferred
-
Bachelors or better in Information Technology or related field
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights (https://www.eeoc.gov/poster) notice from the Department of Labor.
