Job description

Security Engineer Microsoft platform Mortgage or banking industry No relocation and in the Irvine, CA area We are seeking a highly skilled Security Systems Engineer with a strong security focus to join our team. The ideal candidate will have extensive experience in security monitoring, application monitoring, and network monitoring while being proficient in multiple security tools. A deep understanding of Microsoft Security Tool stacks and hands-on expertise in SIEM (Security Information and Event Management) solutions are essential for this role. This position will play a crucial role in designing, implementing, and maintaining our organization's security infrastructure to ensure a robust and resilient cybersecurity posture. Required: Experience and knowledge of deploying, configuration and management of Microsoft Cloud and Security Stack. Including but not limited to: Azure AD, Entra, Defender, Intune, Sentinel / Threat Protection, Email & Data Protection, Compliance and Governance and Network – Application Security ________________________________________ Key Responsibilities: • Design, deploy, and maintain security monitoring solutions across enterprise environments. • Implement and optimize Microsoft Security tools, including but not limited to Microsoft Defender for Endpoint, Defender for Office 365, Sentinel, Microsoft Purview, and Entra ID Protection. • Manage and enhance SIEM platforms to detect, analyze, and respond to security threats effectively. • Monitor and analyze system and network activity for security incidents, vulnerabilities, and performance issues. • Develop and refine incident response processes, ensuring swift detection and mitigation of security events. • Collaborate with IT and security teams to harden system configurations, enforce security policies, and improve overall security posture. • Conduct security assessments, penetration tests, and risk analyses to identify and mitigate security gaps. • Automate security workflows and incident response procedures using scripting and automation tools (e.g., PowerShell, Python, or Azure Logic Apps). • Stay updated with emerging security threats, vulnerabilities, and industry best practices to continuously enhance security defenses. • Assist in compliance efforts, ensuring adherence to frameworks such as NIST, CIS, ISO 27001, and SOC 2. ________________________________________ Key Functions & Tools: An IT Security Engineer relies on various tools to protect systems, detect threats, and respond to security incidents. These tools fall into different categories: 1. Security Information and Event Management (SIEM) 2. Endpoint Detection and Response (EDR) & Extended Detection and Response (XDR) 3. Network Security & Intrusion Detection/Prevention (IDS/IPS) 4. Vulnerability Scanning & Assessment 5. Penetration Testing & Ethical Hacking 6. Identity & Access Management (IAM) 7. Cloud Security & Compliance 8. Data Loss Prevention (DLP) 9. Threat Intelligence & Hunting 10. Security Automation & Orchestration (SOAR) ________________________________________ Required Qualifications: • 7+ years of experience in systems engineering with a focus on security. • Hands-on experience with Microsoft Security solutions, including Microsoft Defender, Sentinel, and Entra ID Protection. • Expertise in SIEM technologies (e.g., Microsoft Sentinel, Splunk, QRadar, or similar). • Strong understanding of security monitoring, application monitoring, and network monitoring methodologies. • Proficiency in Windows Server, Active Directory, and Azure security principles. • Experience in threat hunting, security incident investigation, and forensic analysis. • Knowledge of firewall configurations, intrusion detection/prevention systems (IDS/IPS), endpoint detection & response (EDR), and network security. • Ability to script and automate security processes using PowerShell, Python, or other scripting languages. • Excellent troubleshooting skills and ability to respond to security incidents in real time. • Strong understanding of zero-trust architectures, identity and access management (IAM), and cloud security best practices. ________________________________________ Preferred Qualifications: • Certifications such as Microsoft Certified: Security Operations Analyst, CISSP, CISM, CEH, or GIAC. • Experience working in environments compliant with HIPAA, GDPR, PCI-DSS, or SOX. • Knowledge of container security, DevSecOps principles, and cloud-native security tools. • Familiarity with log aggregation, anomaly detection, and behavioral analytics.

Requirements