Job Title:
Senior / IT Infra Engineer (Identity and Security)
Role Overview
We are seeking a highly skilled and innovative IT Infra Engineer to join our team and lead the design, implementation, and management of secure infrastructure projects for a variety of clientele. This role offers the opportunity to architect and support enterprise-grade identity, security, and endpoint solutions across diverse environments.
.
Key Responsibilities
- Identity & Access Governance
- Design and architect Entra ID (Azure AD) solutions, focusing on Conditional Access, Privileged Identity Management (PIM), and Identity Protection.
- Manage complex identity lifecycle processes, integrating on-premises Active Directory with cloud-native identity providers.
- Implement and maintain passwordless authentication and Multi-Factor Authentication (MFA) strategies.
- Lead identity and access design for enterprise-wide rollouts, ensuring robust authentication mechanisms.
- Act as primary technical liaison for cybersecurity audits, providing compliance evidence.
- Mentor team members on security best practices and latest Entra features.
- Security Engineering & Threat Protection
- Engineer and operate Microsoft Defender for Endpoint and Defender for Office 365 suites (EPP/EDR) to proactively hunt for threats and remediate vulnerabilities.
- Deploy and manage Microsoft Purview for information protection, Data Loss Prevention (DLP), and eDiscovery.
- Develop automated response playbooks using PowerShell and Microsoft Graph API.
- Automation & Observability
- Build scalable automation using PowerShell, PowerBI, Dynatrace, and Axonius for monitoring and reporting.
- Use scripting (PowerShell, Bash, Python) to automate tasks and custom reporting.
- Utilize KQL and Endpoint Analytics to monitor device health and performance.
- Develop and maintain self-service portals for users to empower clients and reduce support volume.
- General & Stakeholder Engagement
- Engage with client stakeholders to translate business requirements into technical solutions that meet availability, capacity, resiliency, security, and continuity needs.
- Forecast budgets for project initiatives and maintenance contracts.
- Manage day-to-day delivery and support of application infrastructure services.
- Collaborate with other teams and external partners to deliver cross-functional projects.
- Leadership & Strategic Compliance
- Lead security design for enterprise-wide software rollouts, embedding Security by Design.
- Provide data-driven evidence of compliance with global security standards (e.g., ISO 27001, SOC2).
- Conduct regular knowledge-sharing sessions on the latest security features and threat landscapes.
What We Are Looking
- Technical & Functional Skills
- Mastery of both on-premises Active Directory and cloud-native Entra ID, including B2B/B2C, App Registrations, and Enterprise Applications.
- Proven experience implementing Microsoft 365 Defender suite and Microsoft Purview (DLP, EDR, EPP, identity security).
- Proficiency in PowerShell and Microsoft Graph API for automation and security auditing.
- Experience in contract and vendor management.
- Certifications (Preferred)
- SC-100 (Microsoft Cybersecurity Architect)
- SC-300 (Microsoft Identity and Access Administrator)
- MS-500 (Microsoft 365 Security Administration)
- CISSP or equivalent security accreditation
- Soft Skills
- Analytical ability to synthesize complex security and identity logs into actionable recommendations.
- Strong communication skills, both oral and written, with the ability to present ideas effectively.
- Team player with strong organisational and people management skills.
- Proactive, dedicated, with leadership and multi-tasking capabilities, able to work independently.
