Microsoft Security Engineer- Remote (Anywhere in the U.S.)

Guidepointsecurity · Remote · Engineering

Posted 2026-07-17

Apply for this role →

General Description:

We are seeking a security first, Microsoft focused engineer to join our Microsoft Cloud Security Team. This role will be primarily delivering hands-on security engagements for clients ranging from small businesses to large enterprises. Your work centers on Microsoft Entra ID (identity and access management) and Microsoft Purview (data protection), with supporting work in Intune and Defender XDR. You'll partner with architects and principal consultants across varied industries and environments.

You'll own your technical delivery independently (80% billable target), managing your time and communication within assigned engagements, and contribute to internal practice and knowledge-sharing efforts between projects.

Roles and Responsibilities:

Identity & Access (Entra ID / AD): Design and implement identity architecture, hybrid sync (Entra Connect), Conditional Access, MFA/passwordless, and identity governance (PIM, RBAC, access reviews, entitlement management).

Integrate applications via SSO (SAML/OIDC), enterprise app registrations, and SCIM provisioning.

Investigate and remediate identity risks using Entra ID Protection, sign-in and audit logs; drive hybrid identity hygiene (stale object cleanup, privileged account reduction, tiered admin models).

Data Security & Compliance (Purview): Design and implement sensitivity labels, DLP, and retention policies across M365; support data classification, information protection rollouts, and data security posture assessments.

Support eDiscovery, Insider Risk Management, communication compliance, and AI data security readiness (DSPM for AI) as engagements require.

Intune & Defender XDR: Configure device compliance, configuration profiles, and app deployments across platforms; support Defender for Endpoint, Office 365, Identity, and Cloud Apps in cloud and hybrid environments.

Other duties as assigned.

Adhere to GuidePoint Security Core Values.

Required Experience:

Bachelor’s degree preferred.

2–5 years in IT administration, identity management, or security operations.

Hands-on production experience with Microsoft Entra ID and on-premises Active Directory, including Conditional Access, MFA, RBAC, and hybrid identity (Entra Connect).

Knowledge of core authentication protocols: SAML, OAuth 2.0/OIDC, Kerberos, LDAP.

Experience implementing Microsoft Purview (sensitivity labels, DLP, retention, or eDiscovery) and comfort supporting Intune and Defender XDR.

Basic PowerShell scripting for automation and reporting (e.g., Microsoft Graph PowerShell).

Strong troubleshooting skills, attention to detail, and clear written and verbal communication.

Embraces emerging technologies, including AI tools, to work smarter, solve problems, and drive better business outcomes.

Preferred Experience:

Advanced AD work: multi-domain/forest design, migrations, tiered administration, legacy auth cleanup.

Microsoft Sentinel: log onboarding, detection development, or broader SIEM/SOAR experience.

Azure infrastructure and security (Azure Policy, network security, landing zones, RBAC).

SharePoint Online governance, Teams Voice, Power BI/Fabric, or Copilot Studio/Azure AI Foundry experience.

Travel Requirements:

This role is 100% remote requiring less than 10% travel for corporate events

Physical Requirements:

Sedentary work

Substantial movement of the wrists, hands, and/or fingers for a minimum of 8 hours a day

Required to have close visual acuity to view computer terminal and/or extensive reading for a minimum of 8 hours a day

Apply for this role →

← Back to all jobs