- Company Name: Vargo Group
- Job Title: Lead Cyber Security Engineer
- Job Description:
**Job Title:** Lead Cyber Security Engineer
**Role Summary**
Senior technical and managerial position responsible for developing, implementing, and overseeing the security strategy for Microsoft 365 and Azure Cloud environments. Drives a Zero‑Trust security model, secure‑by‑design architecture, and robust incident response across the organization.
**Expectations**
- Define and execute a comprehensive security roadmap.
- Lead the cyber security function and incident response activities.
- Cultivate a secure‑by‑design culture within the security team and across the business.
- Manage vendor security assessments and ensure compliance with industry standards.
**Key Responsibilities**
- Design, deploy, and manage Microsoft Entra ID (Azure AD) with Conditional Access, Zero‑Trust, PIM/JIT, MFA, and passwordless options.
- Configure and monitor the Microsoft 365 Defender Suite, DLP/AIP, and Purview for data governance and compliance.
- Implement Azure security controls: RBAC, Managed Identities, NSGs, Azure Firewall, Key Vault, and Azure Policy/Blueprints.
- Utilize Microsoft Sentinel for log ingestion, alert triage, threat hunting, and playbook execution.
- Secure Azure resources (VMs, App Services, Containers) using DevSecOps tools (Defender for DevOps, GitHub Advanced Security) and Infrastructure as Code (Bicep/Terraform).
- Oversee Intune for mobile device and endpoint security.
- Maintain and update the cyber security risk register and ISMS controls.
- Lead, mentor, and grow the security team; deliver awareness training.
**Required Skills**
- Proven expertise in Microsoft Entra ID, Azure AD, Conditional Access, PIM/JIT, MFA, and passwordless authentication.
- Deep knowledge of Microsoft 365 Defender, Purview, DLP, AIP, and Insider Risk Management.
- Proficiency with Microsoft Sentinel (SIEM) – analytics, playbooks, and threat hunting.
- Strong background in Azure infrastructure security: RBAC, Managed Identities, NSGs, Azure Firewall, Key Vault, and compliance via Policy/Blueprints.
- Experience with DevSecOps integrations and IaC tools (Bicep, Terraform, ARM).
- Incident response, forensics, and threat intelligence fundamentals.
- Leadership and coaching skills, ability to influence cross‑functional teams.
**Required Education & Certifications**
- Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent work experience).
- Minimum 7–10 years of progressive cyber security experience, with at least 3 years leading Microsoft 365/Azure security initiatives.
- Current Microsoft certifications such as:
  - Microsoft Certified: Azure Security Engineer Associate
  - Microsoft Certified: Security, Compliance, and Identity Professional
  - Microsoft Certified: Azure Solutions Architect Expert (preferred)
- Additional certifications like CISSP, CISM, or related security credentials are strongly desired.