Microsoft Security Implementer Role (Lead)

About the role

We are a premier digital transformation and enterprise technology partner embedded within highly regulated global sectors. By combining advanced cloud architectures, deep cybersecurity engineering mastery, and rigorous delivery governance, we design and implement high-performance security environments that protect mission-critical business assets. We focus heavily on architectural excellence, automated threat mitigation, and nurturing top-tier technical leadership in Singapore. We are seeking an elite, senior-level Microsoft Security Implementation Lead to serve as the core Subject Matter Expert (SME) for our enterprise infrastructure transformation track. In this critical technical leadership role, you will take complete end-to-end ownership of the design, functional deployment, and operational management of advanced security controls across the entire Microsoft enterprise ecosystem. Acting as the vital nexus between business risk champions, compliance auditors, and engineering squads, you will architect secure, resilient hybrid environments and lead multi-market deployment tracks. This role requires an agile, self-driven leader who combines deep hands-on configuration depth with the professional polish required to advise senior stakeholders.

Responsibilities

• Security Architecture & Advanced Engineering
• Enterprise Blueprinting: Design, configure, and implement enterprise-grade security architectures and controls natively mapped across multi-region Microsoft 365 and Azure environments.
• Microsoft Suite Deployment: Take architectural ownership and hands-on deployment oversight of the unified security stack, including:
• Microsoft Defender: Defender for Endpoint, Defender for Office 365, and Defender for Cloud.
• Microsoft Purview: Core Data Loss Prevention (DLP), Information Protection, and Data Compliance frameworks.
• Microsoft Entra ID: Directory architectures, advanced Identity Governance, and Access Management pipelines.
• Data Protection: Enforce airtight protocols, transparent routing rules, and encryption controls to safeguard data confidentiality, integrity, and availability (CIA triad).
• Identity & Access Management (IAM) Governance
• Access Control: Formulate and configure enterprise-scale Multi-Factor Authentication (MFA), Single Sign-On (SSO), and robust Conditional Access policies.
• Privileged Identity Control: Design and manage Role-Based Access Control (RBAC) schemas alongside Privileged Identity Management (PIM) to enforce strict zero-trust, least-privilege access models.
• Hybrid Operations: Architect secure identity bridges syncing legacy on-premises directories with cloud-native architectures seamlessly.
• Threat Protection & Incident Response (SecOps)
• Sentinel Architecture: Implement and optimize security monitoring workflows leveraging Microsoft Sentinel (SIEM/SOAR) and the broader Defender suite.
• Incident Escalation: Lead active monitoring, deep-dive investigations, and automated responses to high-priority security incidents and cross-regional escalations.
• Root Cause Analysis (RCA): Perform rigorous post-incident root cause analyses and deliver actionable technical recommendations to compress future Mean Time to Repair (MTTR) and Mean Time to Detect (MTTD).
• Vulnerability Management & Governance Compliance
• Posture Optimization: Conduct proactive security assessments, automated vulnerability scanning tracks, and structured engineering remediations to continuously uplift enterprise security posture.
• Framework Alignment: Map technical controls against recognized global cybersecurity frameworks (e.g., NIST, ISO 27001, IM8 compliance).
• Audit Readiness: Deliver pristine technical specification logs and documentation to support regulatory audits, risk registers, and governance reviews.
• Skills & Experience Required
• Must-Have Skills (Mandatory for Skills Matching)
• Microsoft Ecosystem Mastery: Minimum of 5+ years of dedicated, hands-on experience as a Security Engineer or Tech Lead specifically migrating, deploying, and managing Microsoft security applications.
• Cloud & Hybrid Infrastructure: Verifiable functional depth in Azure security architecture, microservices protection patterns, and hybrid network perimeter configurations.
• IAM & Endpoint Specialization: Proven track record designing enterprise-wide Entra ID policies, Microsoft Purview DLP rule trees, and end-to-end endpoint detection rules.
• Documentation Rigor: Outstanding capability to write engineering-ready Technical Specifications, Standard Operating Procedures (SOPs), and incident reporting playbooks.
• Preferred Certifications & Differentiators
• Primary Certification: Microsoft Certified: Azure Security Engineer Associate ( AZ-500 ) or Microsoft 365 Security Administrator ( MS-500 ).
• Leadership Credentials: CISSP (Certified Information Systems Security Professional) or CISM (Certified Information Security Manager) is highly advantageous.
• Ecosystem Fami

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at RANDSTAD PTE. LIMITED? Share your experience