Security Engineer

General Description The Security Engineer plays a key role in protecting NorthWinds Technology Solutions, its affiliated companies, and its clients by designing, implementing, and maintaining enterprise security solutions. This position focuses heavily on the Microsoft security ecosystem, including endpoint protection, identity security, and related capabilities. This role is responsible for strengthening the organization’s security posture through proactive monitoring, detection, and response, while working cross-functionally with infrastructure, cloud, and application teams. The Security Engineer will also participate in vulnerability management, incident response, and the ongoing evolution of security architecture and controls. Core Responsibilities Security Operations & Monitoring Monitor, investigate, and respond to security alerts across Microsoft security and other platforms (Purview, Defender suite, SIEM, Entra ID) Analyze logs and telemetry to identify suspicious activities and potential threats Support incident response activities, including containment, eradication, and root cause analysis Maintain and improve detection rules, analytics, and alert tuning Microsoft Security Platform Administer and Optimize: Microsoft Defender for Endpoint, Identity, Cloud Apps, and Office 365 Microsoft Entra ID (Azure AD) security controls and tools Microsoft Purview controls and tools Additional responsibilities: Develop and maintain automated workflows and playbooks Integrate Microsoft security tools with other enterprise systems Vulnerability & Risk Management Conduct vulnerability assessments and coordinate remediation efforts Partner with infrastructure and application teams to prioritize and mitigate risks Contribute to risk tracking, reporting, and audit readiness (SOC 2, HIPAA, etc.) Architecture & Engineering Work with the Security Architect to identify and recommend improvements to enterprise security architecture Assist with the implementation of security controls across cloud (Azure/AWS) and on-premises environments Support identity and access management initiatives, including MFA, conditional access, and least privilege Compliance & Governance Assist with audits, security reviews, and third-party assessments Ensure alignment with organizational security policies and regulatory requirements Provide input into security standards, procedures, and documentation Collaboration & Enablement Work closely with infrastructure, network, and application teams to embed security controls Provide technical guidance and support for security best practices Help drive security awareness across engineering teams Key Skills Identity and access management (IAM) Network security fundamentals (TCP/IP, firewalls, segmentation, switching, and routing) Windows and cloud security principles SIEM platforms and operations Experience with vulnerability management and remediation processes Familiarity with security frameworks and compliance standards (SOC 2, HIPAA, NIST, CIS) AWS networking, security configuration, and tools Strong analytical, troubleshooting, and problem-solving skills Linux terminal and PowerShell experience Copilot administration and machine learning familiarity Effective communication and collaboration skills Key Characteristics Detail-oriented and proactive in identifying and mitigating risks Strong ownership mindset with the ability to drive security initiatives forward Collaborative, team-first approach across infrastructure and security functions Continuous learner who stays up to date on evolving threats and technologies Required Qualifications 3–5 years of experience in cybersecurity, security engineering, or security operations Hands-on experience with Microsoft security technologies, including: Microsoft Defender suite (Endpoint, Identity, Cloud Apps, Office 365) Microsoft Entra ID (Azure AD) security features and Intune administration Experience with endpoint detection and response (EDR/XDR) and SIEM platforms

Preferred Qualifications

Microsoft certifications (SC-200, SC-300, AZ-500, or equivalent) Experience with automation and scripting (PowerShell, Python) Exposure to cloud security (Azure and/or AWS) Experience implementing conditional access policies and Zero Trust principles Knowledge of threat intelligence and detection engineering Work Conditions Participation in an on-call rotation may be required Primarily remote work environment Limited travel (<5%)