Jobs · Information Technology · Pennsylvania

Senior Azure / Microsoft 365 Security Engineer

Dentsply Sirona · York, PA · 2 wk ago
Information TechnologyFull-time

Azure & Microsoft 365 Security Architecture

Owning Azure and Microsoft 365 security architecture patterns and engineering standards.

Leading implementation and optimization of Microsoft security platforms (Defender, Purview, Entra ID, Intune).

Acting as a senior escalation point for complex cloud and identity security issues.

Driving security posture improvement, risk reduction, and operational maturity across Microsoft platforms.

Responsibilities

  • Azure & Microsoft 365 Security Architecture
  • Design and maintain secure Azure landing zone and subscription patterns, including management groups, policy enforcement, network segmentation, and secure service exposure.
  • Define and enforce identity and access architecture using Microsoft Entra ID (Azure AD), RBAC, Conditional Access, Privileged Identity Management (PIM), and managed identities.
  • Establish and maintain Zero Trust-aligned controls across Azure and Microsoft 365 workloads.
  • Microsoft Defender & Platform Protection
  • Lead the design, deployment, and tuning of Microsoft Defender capabilities, including:
    • Defender for Cloud
    • Defender for Endpoint
    • Defender for Identity
    • Defender for Office 365
  • Own secure configuration baselines, posture management, and remediation workflows aligned to Microsoft Secure Score and internal risk priorities.
  • Partner with SecOps to reduce alert fatigue, improve signal-to-noise ratio, and enhance incident response workflows.
  • Microsoft Purview & Data Protection
  • Design and implement Microsoft Purview capabilities, including:
    • Sensitivity labeling and information protection
    • Data Loss Prevention (DLP) across Exchange, SharePoint, OneDrive, and Teams
    • Records management and data lifecycle controls
  • Partner with Legal, Privacy, and Compliance teams to ensure data protection controls align with regulatory and business requirements.
  • Engineering Enablement & Continuous Improvement
  • Define security standards, patterns, and guardrails that enable cloud and workplace teams to deploy securely by default.
  • Review and influence Infrastructure-as-Code (ARM, Bicep, Terraform) and CI/CD pipelines to embed security controls early.
  • Mentor junior engineers and act as a technical leader across Security Architecture & Engineering initiatives.

Requirements

  • Education
  • Bachelor’s degree in Cybersecurity, Computer Science, Engineering, Information Systems, or equivalent experience.
  • Experience
  • 7–10+ years of progressive experience in cybersecurity engineering, with deep hands-on experience in Azure and Microsoft 365 security.
  • Proven experience designing and operating enterprise-scale cloud security controls.
  • Strong experience integrating cloud platforms with SIEM/SOC operations.
  • Key Skills & Knowledge
  • Advanced knowledge of Microsoft Entra ID, Conditional Access, PIM, RBAC, and identity threat protection.
  • Expert-level experience with Microsoft Defender (KQL, analytics rules, automation).
  • Strong understanding of cloud security architecture, Zero Trust principles, and shared responsibility models.
  • Ability to communicate complex security concepts to engineering teams and senior leadership.
  • Certifications (Strongly Preferred)
  • Microsoft Certified: Azure Security Engineer Associate (or successor).
  • Microsoft SC-100 (Cybersecurity Architect) or equivalent senior-level certification.
  • CISSP, CCSP, or GIAC cloud-focused certifications.
  • Familiarity with NIST CSF / NIST SP 800-53 / ISO 27001 control frameworks.

Similar jobs

Senior Azure Engineer

Doctors Without Borders/Médecins Sans Frontières - USANew York, NY· 1 wk ago
Engineering$102k–$153k/yrapply on job-boards.greenhouse.io