Security Engineer

Title: Security Engineer

Location: Remote

Duration: 12 Month(s)

Intune and Browser Security Work Tasks Description:

Changing and/or setting browser policy settings for Chrome & Edge & Safari, in Intune. Policies in Intune:

• Password Autofill (Chrome & Edge) Prevents browsers from automatically filling in passwords, reducing the risk of phishing attacks.
• Automatic Password Saving (Chrome & Edge) Blocks the browser from storing user credentials, preventing attackers from extracting saved passwords.
• Password Import/Export (Edge) Stops users from exporting saved passwords, reducing data theft risks.
• Third-Party Authentication Credential Sharing (Edge) Blocks unapproved third-party services from accessing corporate authentication tokens.
• Insecure Forms Submission (Chrome & Edge) Prevents credentials from being sent over HTTP connections.
• Non-Corporate User Sign-Ins (Chrome & Edge) Ensures only managed accounts can be used in the browser.
• QUIC Protocol (Chrome & Edge) Blocks alternative network paths that could bypass corporate security tools like Zscaler and Palo Alto.
• WebSockets Communication (Chrome & Edge) Prevents sites from establishing direct connections to steal credentials.
• Direct Sockets API (Chrome & Edge) Blocks unauthorized browser network communication that could be used to exfiltrate credentials.

Dedicated Security Engineer Services

Security Engineer Services to be used for security engineering tasks and may include:

• Azure network security support and administration services
• Create and maintain Azure security policies, SSO and conditional access
• Maintain and support Active Directory and Azure Active Directory security operations
• Assist with security enablement strategy - jointly develop technical skilling enablement plans

and strategies

• Incident response plan development plans and procedures to mitigate the impact of security

incidents, and to recover systems and data.

• Testing and analyzing current configurations and suggesting improvements to existing security

systems

• Coordinating and briefing a team of security specialists
• Aligning security with compliance requirements and regulatory standards.
• Investigate, document, and assess security breaches and other cyber security incidents
• Defining the methodology & analysis of identifying compromised servers.

--