Microsoft Conditional Access Security Engineer

Job Description

ECS is seeking a Microsoft Conditional Access Security Engineer to work in our Arlington, VA office.

Please Note: This position is contingent upon contract award.

ECS has an exciting position for a Microsoft Conditional Access Security Engineer as we deploy, manage, and hardening our Microsoft cloud environment, including Azure, Office 365 and Microsoft 365.

The Microsoft Conditional Access Security Engineer should thrive on complexity, possess an analytical mindset, and brings deep expertise on managing and securing Microsoft's cloud platform.

Key Responsibilities

• Serve as the go-to, subject matter expert (SME) for securing the Microsoft cloud tenant, advising on architecture, design, and implementation of secure solutions across Azure, O365, and M365.
• Lead the develop and enforcement of Conditional Access Policies, aligned with best practices for managing access control for personas, groups, and applications.
• Act as the primary SME in optimizing the Microsoft Defender suite of components (Defender for Endpoint, Defender for Cloud, Defender for Identity, and Defender for Office 365)
• Implement Microsoft Purview, including data classification and sensitivity labels, Data Loss Prevent (DLP), and eDiscovery workflows.
• Design, run and optimize Kusto Query Language (KQL) queries for Azure Sentinel, Defender, and log analytics.
• Partner with SOC and incident response teams to integrate logging, telemetry, alerting, and automated threat response/playbooks.
• Review and remediate security controls through vulnerability assessments, penetration tests, and red/blue team engagements.
• Guide cross-functional teams on security controls, compliance requirements, policy, and governance best practices

Required Skills

• with ability to obtain/maintain Public Trust Suitability
• BA/BS+4 years of experience or 10+ years without degree
• Senior hands-on experience deploying, managing, and security Azure, Office 365 and Microsoft 365 in large enterprises
• 4+ years of experience engineering and configuring Microsoft Defender Ecosystem (Defender for Endpoint, Defender for Cloud, Defender for Identity, and Defender for Office 365), Microsoft Purview (DLP, sensitivity labels, eDiscovery), Conditional Access Policies (CAP), and Azure AD/EntraID
• Experience leveraging Kusto Query Language (KQL) for detection, investigation, response, and reporting
• Prior experience working within a Security Operations Center (SOC) Incident Response Team
• Active Expert Level certification (e.g. MSCE, AZ-900, AZ-500)
• Cybersecurity Certifications such as CISSP, OSCP, GCIH
• Strong networking, firewall, VPN and segmentation knowledge as it relates to cloud deployments

Desired Skills

• ITIL, Agile, or PMP familiarity/certification
• Experience with SOAR platforms (e.g. Splunk, Microsoft Sentinel)
• Hands-on exposure to third-party cloud security tooling (CASBs, CNAAPs, SD-WANs)
• Previous consulting or client-facing delivery experience

ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.

ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3800+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.