Role: Microsoft Business Security Engineer Location: Eagan, MN Duration: 9/27/2021 (contract to hire) Project Overview:
The cloud security engineer will work closely with the M365 team, Security Architecture and other teams to help deploy and operate a secure cloud application infrastructure that aligns with business needs. The position is responsible for supporting operational innovation and providing documented Security Configuration Standards to elevate the company's security posture within the M365 infrastructure. The cloud security engineer will work collaboratively with other teams to help deliver secure applications with resiliency to support business initiatives. The cloud security engineer is also expected to possess advanced administrative and troubleshooting skills, and be knowledgeable about engineering design principles. The cloud security engineer should be adept at dealing with disparate applications and data systems to maintain the level of rigor required to adhere to business direction. Along with depth of system coverage, the role requires planning and design of policies and maintenance. Skills Overview:
Qualifications/years of experience:
- 5 years of work experience in the Information Security field, -OR- 3 years of work experience in Security Engineering, Identity Management or CyberSecurity, and 2 years of Information Technology work experience in Server Engineering, Networking, Architecture or Application Development
- Bachelor's degree in Information Security, computer science or related area of study, or equivalent combination of education and/or relevant work experience; High School diploma or GED is required
- Must be eligible to work in the United States without need for work visa or residency sponsorship
- Good documentation skills
- Ability to manage and prioritize a heavy workload
- Develop, document and maintain secure cloud processes in tandem with architects and system engineers.
- Work with other Security Engineers to ensure other Security Controls such as Network Security Governance, Logging and Monitoring and Data Protection are all included in the overall M365 solution.
- Work with teams across the business as they begin to leverage M365 to understand requirements and ensure proper Security Controls are put into place.
- Collaborate with Legal, Privacy and RIM to ensure all stakeholder security requirements are met in documented Security Standards.
- Protect business applications in compliance with privacy, security, business resiliency and compliance frameworks as defined in corporate policies.
- Ensure the M365 environment configuration meets agreed upon Security Standards by developing a secure configuration monitoring strategy. Conduct oversight of security systems and security configuration administration to reduce risk to enterprise data, systems and accounts.
- Attend regular technical project and implementation meetings, and serve as a security consultant to help guide secure application and infrastructure configurations.
- Actively monitor, assess and recommend tactical and strategic initiatives based on new and emerging threats posing risk to M365.
- Communicate necessary remediation efforts after security assessment findings outline weaknesses requiring attention.
- Document, formulate and enforce areas of security improvement that balance risk with business operations and do not diminish efficiencies or innovation.
- Attend and fully engage in change and project management meetings.
- Perform other duties as assigned.
- Microsoft 365 cloud experience
- Familiarity with other Security controls such as:
- Logging and monitoring
- Data Loss Prevention
- Shadow IT
- Configuration and System Hardening
- Vulnerability Management
Soft Skills Needed:
Best vs Average Worker:
- Strong critical thinking and problem-solving skills
- Ability to interpret and produce technical documentation such as diagrams, configuration parameters, etc.
- Ability to manage multiple priorities and expert multi-tasking skills
- Ability to facilitate meetings effectively with technical and non-technical staff
- Experience designing and deploying various security controls
- Takes initiative and can work without constant direction.
- Proactively comes up with new ideas.
- Customer service centric view and shared services mindset
Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at or