Full Time
50,000
40
Jul 1, 2026
Job Title
Microsoft 365 Engineer (Security & Endpoint Management)
Role Summary
The Microsoft 365 Engineer is responsible for designing, configuring, and operating Microsoft 365 security and endpoint management capabilities, with a strong focus on Microsoft Defender (threat/vulnerability monitoring) and Microsoft Intune (device and fleet management). The role ensures devices and users are protected, compliant, patched, and governed by policy, and provides monthly reporting and review outcomes to stakeholders.
Key Responsibilities
1) Microsoft Defender – Vulnerability and Threat Monitoring (Configured as part of onboarding)
• Deploy, configure, and manage Microsoft Defender capabilities to support enterprise security outcomes.
• Operate Next Generation Antivirus controls and policies (endpoint protection baselines, alerting, exclusions governance, etc.).
• Configure and monitor Attack Surface Reduction controls (e.g., ASR rules, controlled folder access, web protection where applicable).
• Monitor device and user security posture, including threat detections, i
• Drive remediation activities in collaboration with IT and business stakeholders (patching, configuration changes, policy enforcement).
• Maintain operational runbooks for alert handling, i
2) Microsoft Intune – Device and Fleet Management (Configured as part of onboarding)
• Implement and administer Intune for device enrollment, configuration, compliance, and lifecycle management.
• Manage device setup and standards, including build profiles, configuration profiles, compliance policies, and baseline hardening.
• Own regular patching and updates strategy and operations (Windows Update rings/feature updates, reporting, exception handling).
• Implement app protection controls (MAM/MDM as applicable), including application configuration policies and access governance.
• Configure and maintain Data Loss Prevention controls relevant to endpoints and mobile scenarios (e.g., policy alignment with Microsoft Purview DLP where in scope).
• Provide operational support: troubleshooting enrollment, policy conflicts, device compliance issues, and user access impacts.
3) Monthly Reporting & Reviews
• Produce monthly security and endpoint management reports covering key metrics (security posture, vulnerabilities, i
• Lead monthly service reviews with stakeholders, presenting trends, risks, remediation progress, and recommendations.
• Maintain action registers and ensure follow-through on agreed remediation items and continuous improvement initiatives.
Core Competencies
• Strong operational discipline with clear documentation and evidence-based reporting.
• Ability to translate technical risk into business impact and remediation priorities.
• Stakeholder management across IT, Security, and end-user groups.
• Structured troubleshooting and root-cause analysis.
Required Technical Skills
• Microsoft Intune (Endpoint Manager): enrollment, configuration profiles, compliance policies, update management, reporting, troubleshooting.
• Microsoft Defender (M365 Defender stack): endpoint protection operations, alert/i
• Windows endpoint management: security baselines, configuration hardening, patching concepts, identity/device compliance fundamentals.
• General Microsoft 365 administration and security fundamentals (identity, access, policy-driven controls, tenant governance).
• Reporting capability (dashboards, operational reporting, and executive summaries).
Experience & Qualifications
• 3+ years in Microsoft 365 administration with demonstrated hands-on delivery in Intune and Defender operations.
• Experience supporting onboarding/configuration of endpoint and security controls in a production environment.
• Relevant Microsoft certifications are preferred (examples):
• Microsoft Endpoint Administrator (MD-102)
• Microsoft Security Operations / Security Engineer tracks (role-relevant equivalents)
Desirable (Nice to Have)
• Microsoft Purview (DLP, information protection) exposure and policy alignment experience.
• Microsoft Sentinel or SIEM integration experience.
• Experience in regulated environments (ISO 27001-aligned controls, audit evidence, change management).
• Scripting/automation (PowerShell) for fleet operations and reporting.
Key Deliverables / Performance Measures
• Defender and Intune onboarding completed to standard with documented configurations and runbooks.
• Measurable improvement in vulnerability exposure and time-to-remediate.
• Patch compliance and device compliance maintained to agreed thresholds.
• Clear monthly reporting delivered on time with actionable recommendations and tracked outcomes.
Candidate Requirements
Essential Experience
• Minimum 3–5 years hands-on experience administering Microsoft 365 in an enterprise or managed services environment.
• Demonstrated delivery experience configuring and operating:
• Microsoft Defender (threat and vulnerability monitoring, endpoint protection)
• Microsoft Intune (device enrollment, compliance, configuration, patching, app protection)
• Proven capability producing monthly operational reports and presenting outcomes in stakeholder service reviews.
• Experience supporting onboarding of new users/devices with standardised security and endpoint controls.
Essential Technical Capability
• Strong working knowledge of:
• Microsoft Intune / Endpoint Manager: Autopilot (if used), enrollment methods, configuration profiles, compliance policies, update rings/feature updates, application deployment, troubleshooting.
• Microsoft Defender: Next-gen AV policy administration, alert/i
• Solid understanding of Microsoft 365 security fundamentals:
• Identity and access concepts (Azure AD / Entra ID fundamentals)
• Endpoint compliance and device risk concepts
• Policy-driven security and governance practices
• Competence in documentation and operational disciplines:
• Runbooks/SOPs, change control, evidence capture for audits, and configuration standards.
Essential Personal Attributes
• Strong analytical and troubleshooting skills with an ability to conduct root-cause analysis and implement corrective actions.
• Clear written and verbal communication skills, including the ability to translate technical issues into business risk and remediation actions.
• High attention to detail, structured delivery, and strong time management.
• Comfortable working independently, prioritising workload, and collaborating across IT/Security teams.
Qualifications and Certifications
• Relevant tertiary qualification in IT, Cyber Security, or equivalent practical experience.
• Microsoft certifications preferred (one or more):
• MD-102 (Endpoint Administrator)
• Role-aligned Microsoft Security certifications (e.g., Security Engineer / Security Operations tracks)
Desirable (Nice to Have)
• Exposure to Microsoft Purview (DLP / Information Protection) and policy alignment across endpoints and M365.
• Experience integrating Microsoft Defender with SIEM/SOAR tools (e.g., Microsoft Sentinel).
• PowerShell automation for endpoint operations, reporting, and configuration validation.
• Experience working in environments aligned to ISO 27001, Essential Eight, or similar security frameworks.
• Prior experience in a managed services environment with SLAs, ticketing systems, and structured service reviews.
START DATE: JANUARY 2026