System Security Engineer

We are seeking a highly skilled System Security Engineer to strengthen our cybersecurity posture across on-premise and hybrid environments. The ideal candidate will have a strong background in Windows infrastructure security, identity and access management, scripting, and compliance frameworks. This role is critical to ensuring the protection, integrity, and resilience of our IT systems, while supporting secure business operations and digital transformation initiatives.Key Responsibilities:Design, implement, and manage security solutions across Active Directory, ADFS, and Exchange (on-premise and hybrid).Harden and secure endpoints, infrastructure, and communications systems against evolving cyber threats.Automate security tasks and perform system audits using PowerShell and other scripting tools.Manage patching processes using WSUS, SCCM, or third-party tools.Integrate security logs and data into SIEM platforms and support threat detection/response initiatives.Collaborate with IT and business units to enforce identity and access management policies including MFA and Zero Trust architectures.Support compliance efforts aligned with ISO 27001, NIST, and CIS Controls.Assess and respond to security incidents using frameworks like MITRE ATT&CK.Continuously evaluate and improve system and application security controls.RequirementsQualifications:Required:Bachelor’s degree in Information Security, Computer Engineering, or related field.One or more of the following certifications: -Microsoft Certified: Security Operations AnalystAssociate (MS-SC200) -Microsoft Certified: Identity and AccessAdministrator Associate (SC-300) -Microsoft Certified Cybersecurity ArchitectExpertPreferred:Master’s degree in Information Security or Computer EngineeringAdditional certifications such as: -Systems Security Certified Practitioner (SSCP) -CompTIA Cybersecurity Analyst (CySA+) -Certified Information Systems SecurityProfessional (CISSP)Experience & Knowledge Requirements:5+ years of experience in Windows infrastructuresecurity (Active Directory, Exchange, endpoint hardening)In-depth knowledge of:-Active Directory (LDAP, Kerberos, Group Policy,ADFS)-Exchange security (transport rules,SPF/DMARC/DKIM, hybrid configurations)-Patch management systems (WSUS, SCCM, etc.)StrongPowerShell scripting capabilities for security automation and auditsProficient inZero Trust architecture and multi-factor authentication practicesUnderstandingof compliance frameworks: ISO 27001, NIST, CIS ControlsExperienceintegrating with on-premise SIEM solutionsFamiliaritywith MITRE ATT&CK and advanced threat detection techniquesSolidbackground in systems, networks, and/or application securitySkillsRequirements:Security architecture and systemhardeningScripting and automation (PowerShell)Threat detection, SIEM integration, andlog analysisIdentity and access management (IAM)Compliance and regulatory knowledgeProblem-solving and incident responseStrong communication and documentationskills#J-18808-Ljbffr