Senior Microsoft Security Engineer

About the role

The Senior Microsoft Security Engineer will be responsible for identifying potential threats to the IT infrastructure, recommending enhancements accordingly and implementing those technologies. The Senior Microsoft Security Engineer provides support to ensure applicable information protection policies, procedures, guidelines, best practices are followed. Performs Security Risk Assessments (SRAs) and performs compliance reviews to ensure applications and servers are operating in accordance with established policies and procedures. The Microsoft Senior Security Engineer will be expected to demonstrate all of these skills while demonstrating specific emphasis on the application of Microsoft's security product suite along with other best in class industry security tools. Educates stakeholders in the assessment process and lead both pre- and post-assessment meetings. Duties and Responsibilities: Fully leverage the educational institutions Microsoft A5 license suite of products; in particular as it pertains to the industry leading suit of security products, processes, and strategies Lead the educational institutions Microsoft security "cloud first" strategy leading to fully leverage SDN (Software Defined Networking) Zero Trust, and Least Privilege strategies Design, implement, and maintain Microsoft security solutions for the educational institution's infrastructure Ensure that Microsoft operating systems are configured securely and that security patches are regularly applied Manage the configuration and effective use of Microsoft security products, including Microsoft Defender ATP, Azure Security Center, and Microsoft Information Protection. Implement Microsoft security best practices to maintain the security posture of the educational institution's infrastructure. Collaborate with Infrastructure/ITSM/Technical teams to implement security requirements in new and existing technology solutions. Stay up-to-date with the latest security threats and industry trends, and apply this knowledge to improve security protocols within the educational institution. Serve as a security expert in network efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices. Lead and execute projects on our security roadmap. Adhere to existing risk management frameworks, such as COBIT, ITIL, and ISO 27002. Manage incident response for network security events. Develop and maintain IT security policies. Research, design, and advocate new technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Support vulnerability assessments on various types of networks and topologies; Execute risk and vulnerability assessments and remediation activities. Analyze output from network vulnerability assessments, recommend mitigation strategies and resolve any security incidents through work with pertinent business departments. Review and provide feedback on security plans and procedures regarding all aspects of LAN, WAN or MANs, as applicable; Review and provide input into network designs to ensure compliance with security and enterprise architecture. Provide input and visibility into emerging security technologies, deployment strategies and other security protocols to ensure awareness within the IT security branch. Build/enhance security architecture and configure network to enhance the security posture of the enterprise. Review in-house and 3rd-party applications/code for security vulnerabilities and best practices. Participate in Software Development Lifecycle: code review, QA security testing, launches, etc. Develop and/or implement automated security testing tools where possible. Participate in the development of security-related tools and applications, such as multi-platform cookie-based authentication and internal security libraries/frameworks. Train engineers on common security problems and best practices for writing secure code. Provide security input on overall software architecture. Perform hands-on testing of applications, as well as build and enforce information risk management requirements and structure, including providing practical secure architecture skills and developing and implementing Information Security best practices.