System Security Engineer

• Design, implement, and manage security solutions across Active Directory, ADFS, and Exchange (on-premise and hybrid).
  
• Harden and secure endpoints, infrastructure, and communications systems against evolving cyber threats.
  
• Automate security tasks and perform system audits using PowerShell and other scripting tools.
  
• Manage patching processes using WSUS, SCCM, or third-party tools.
  
• Integrate security logs and data into SIEM platforms and support threat detection/response initiatives.
  
• Collaborate with IT and business units to enforce identity and access management policies including MFA and Zero Trust architectures.
  
• Support compliance efforts aligned with ISO 27001, NIST, and CIS Controls.
  
• Assess and respond to security incidents using frameworks like MITRE ATT&CK.
  
• Continuously evaluate and improve system and application security controls.
  
  
  
  
  

Required:

• Bachelor’s degree in Information Security, Computer Engineering, or related field.
  
• One or more of the following certifications:
  

- Microsoft Certified: Security Operations Analyst Associate (MS-SC200)

- Microsoft Certified: Identity and Access Administrator Associate (SC-300)

- Microsoft Certified Cybersecurity Architect Expert

Preferred:

• Master’s degree in Information Security or Computer Engineering
  
• Additional certifications such as:
  

- Systems Security Certified Practitioner (SSCP)

- CompTIA Cybersecurity Analyst (CySA+)

- Certified Information Systems Security Professional (CISSP)

Experience & Knowledge Requirements:

• 5+ years of experience in Windows infrastructure security (Active Directory, Exchange, endpoint hardening)
  
• In-depth knowledge of:
  

- Active Directory (LDAP, Kerberos, Group Policy, ADFS)

- Exchange security (transport rules, SPF/DMARC/DKIM, hybrid configurations)

- Patch management systems (WSUS, SCCM, etc.)

• Strong PowerShell scripting capabilities for security automation and audits
  
• Proficient in Zero Trust architecture and multi-factor authentication practices
  
• Understanding of compliance frameworks: ISO 27001, NIST, CIS Controls
  
• Experience integrating with on-premise SIEM solutions
  
• Familiarity with MITRE ATT&CK and advanced threat detection techniques
  
• Solid background in systems, networks, and/or application security
  
  

• Security architecture and system hardening
  
• Scripting and automation (PowerShell)
  
• Threat detection, SIEM integration, and log analysis
  
• Identity and access management (IAM)
  
• Compliance and regulatory knowledge
  
• Problem-solving and incident response
  
• Strong communication and documentation skills