Workspace Security Engineer

We are seeking a Workspace Security Engineer to secure and optimize our digital workplace environment while ensuring endpoint compliance and protection across the organization.

The successful candidate will be responsible for implementing and maintaining security controls across Microsoft 365 collaboration platforms, endpoint devices, identity systems, and enterprise AI tools. This role plays a key part in enforcing Zero Trust principles, protecting sensitive information, and enabling secure hybrid work environments.

Key Responsibilities

• Secure and administer Microsoft 365 collaboration platforms with a focus on security, compliance, and data protection.
  
• Implement and manage Microsoft Entra Conditional Access policies based on device compliance, MFA, user risk, and Zero Trust principles.
  
• Govern external sharing and guest access across Microsoft Teams, SharePoint Online, and OneDrive.
  
• Configure and maintain sensitivity labels, information protection controls, and data access policies.
  
• Manage endpoint security and compliance across Windows, macOS, and Linux devices.
  
• Administer MDM, MAM, and EDR solutions to ensure device security and policy compliance.
  
• Implement endpoint hardening standards and reduce endpoint attack surfaces.
  
• Configure and optimize Microsoft Purview Data Loss Prevention (DLP) policies.
  
• Manage Endpoint Privilege Management (EPM) controls and privileged access restrictions.
  
• Implement browser security policies and web content filtering controls.
  
• Monitor endpoint compliance posture and remediate non-compliant devices through automation and policy enforcement.
  
• Collaborate with IT, Security, and Compliance teams to align workplace security standards.
  
• Secure enterprise AI tools and ensure governance controls are implemented.
  
• Support safe adoption of Microsoft 365 Copilot and other approved AI assistants through guardrails, policy enforcement, and user guidance.
  

Requirements

• Minimum 5 years of experience in Endpoint Security, Workplace Security Engineering, or Device Compliance.
  
• Hands-on experience with:
  • Microsoft Intune
    
  • Microsoft Defender for Endpoint
    
  • Microsoft Purview DLP
    
  • Microsoft Entra ID
    
• Strong knowledge of:
  • Windows Security
    
  • Linux Security
    
  • macOS Security
    
  • Endpoint Hardening
    
  • Compliance Frameworks
    
• Experience implementing:
  • Conditional Access
    
  • Zero Trust Architecture
    
  • MFA Controls
    
  • Device Compliance Policies
    
• Familiarity with enterprise browser security and policy enforcement.
  
• Knowledge of AI security controls and governance for enterprise AI solutions.
  
• Practical experience with Microsoft 365 Copilot or similar AI assistants.
  
• Scripting experience using PowerShell, Bash, or Python.
  
• Strong troubleshooting, analytical, and problem-solving skills.
  
• Excellent communication and stakeholder management abilities.
  
• Bachelor's degree in Computer Science, Information Security, or a related field.
  

Preferred Qualifications

• Microsoft SC-200 (Security Operations Analyst)
  
• Microsoft SC-300 (Identity and Access Administrator)
  
• Microsoft MD-102 (Endpoint Administrator)
  
• CompTIA Security+
  
• CISSP
  
• CCSP
  

Preferred Profile

• Passionate about cybersecurity and modern workplace technologies.
  
• Strong understanding of Zero Trust and risk-based security approaches.
  
• Proactive, detail-oriented, and self-driven.
  
• Comfortable collaborating across global teams and multiple time zones.
  
• Enthusiastic about leveraging AI tools to improve productivity and security outcomes.
  
• Able to balance security requirements with business productivity needs.