Systems Security Engineer
Impact Networking, LLC · Lake Forest, IL · Yesterday
On-siteInformation Technology$90k–$110k/yrFull-time
Responsibilities
- Design, implement, and manage a comprehensive governance strategy across Impact’s environment using Microsoft Purview governance and compliance tools.
- Develop and enforce governance policies to discover, classify, and protect sensitive data and systems across Microsoft 365, Azure, on-premises infrastructure, and SaaS applications.
- Manage sensitivity labels, retention labels, records management, and disposition review to support the full information lifecycle.
- Create, tune, and monitor Data Loss Prevention policies across endpoints, email, Microsoft Teams, SharePoint, OneDrive, and cloud applications.
- Govern identity and access using Microsoft Entra ID, aligning policies to Zero Trust architecture and least-privilege principles.
- Serve as a subject-matter expert for data- and system-related security incidents using Microsoft Purview and Microsoft Defender for investigation, forensics, and response.
- Participate in the security team’s on-call rotation and respond to critical incidents outside of regular business hours when needed.
- Configure Microsoft Purview Audit, audit-log retention, export pipelines, Azure Monitor, Log Analytics, KQL workbooks, and alert rules to monitor compliance and policy drift.
- Translate regulatory and contractual requirements, including CMMC, NIST 800-171, ISO 27001, HIPAA, GDPR, and CCPA, into technical policies and controls in partnership with compliance, legal, and business stakeholders.
- Manage Microsoft Compliance Manager assessments and improvement-action plans, and provide regular reporting on compliance, risk posture, and policy enforcement to leadership.
- Maintain technical documentation, architecture standards, and operational runbooks for governance and security controls.
- Coach and mentor IT and security team members on governance, data protection, and Microsoft security best practices.
Qualifications & Experience
- Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent work experience.
- Minimum of 5 years of experience in information security, including at least 3 years focused on data protection, data governance, or information lifecycle management.
- Deep hands-on experience with the Microsoft Purview suite, including DLP, Microsoft Information Protection, data classification, Insider Risk Management, eDiscovery, Audit, and Compliance Manager.
- Strong experience with Microsoft Entra ID and the Microsoft Azure ecosystem, including securing data within Azure services such as Azure Storage and Azure SQL.
- Proficiency with scripting languages, particularly PowerShell, for automating security and compliance tasks.
- Strong understanding of data privacy regulations and compliance frameworks, including NIST 800-171, CMMC, ISO 27001, HIPAA, GDPR, and CCPA.
- Excellent analytical, problem-solving, communication, and collaboration skills, including the ability to explain complex technical concepts to technical and non-technical audiences.
- Microsoft SC-400 certification strongly preferred; AZ-500, SC-200, SC-300, MS-102, CISSP, CCSP, or CCSK are a plus.
- Experience with Microsoft Defender for Microsoft 365, Zero Trust security architecture, Microsoft Purview Data Security Posture Management, AI/Copilot data governance, or MSP/multi-tenant environments preferred.