Security Manager

Nebarex is more than software; it's a system designed for speed, clarity, and control. Built for the real world of logistics, it connects your operations into a single workflow where every actor is visible, every delay is escalated, and every step moves your business forward.

We are seeking a Security & Compliance Engineer with a strong background in
Microsoft 365 (M365) security and a solid understanding of Azure security
services. The ideal candidate will be responsible for securing our cloud
environments, managing device security for Windows and macOS, and
contributing to enterprise-wide compliance efforts aligned with ISO 27001 and
SOC 2 Type II frameworks.

You’ll play a critical role in implementing, monitoring, and improving security
controls across M365, Entra ID (Azure AD), Intune, and related technologies,
while also helping to enforce policies and procedures that align with industry
best practices.

• Microsoft 365 Security (Mandatory)
  Configure, monitor, and improve M365 security posture across multiple
  tenants, including Defender for Office 365, Defender for Endpoint, Data Loss
  Prevention (DLP) and Sensitivity Labels.
  Manage Microsoft Purview Compliance Center configurations and alerts.
  Conduct regular security assessments and incident response activities within
  the M365 environment.
• Azure Security (Preferred)
  Support and enhance Azure security controls, including Microsoft Defender
  for Cloud, Azure Security Center, Privileged Identity Management (PIM),
  and Key Vault.
  Review and harden Azure role-based access control (RBAC) and network
  security configurations.
• Identity and Access Management
  Administer Entra ID (formerly Azure AD), including Conditional Access Policies,
  Identity Protection, SSO configurations, and MFA enforcement.
• Device Security & Management
  Manage Intune for Windows and macOS devices, focusing on compliance
  policies, endpoint protection, enrollment, and patch management.
  Maintain device hygiene, endpoint threat protection, and mobile device security
  across the organization.
• Security Policies & Compliance Support
  Collaborate with stakeholders to implement and maintain security policies,
  standards, and procedures.
  Assist with risk assessments, audit preparations, and evidence gathering for
  ISO 27001 and SOC 2 Type II compliance.
  Support vendor risk management, data protection, and incident response
  planning.
• Monitoring, Reporting & Improvement
  Monitor security dashboards and respond to alerts, incidents, and anomalies.
  Conduct root cause analysis and remediation of security events.
  Continuously assess and improve security configurations and baseline
  policies.

• Proven experience in M365 security administration (Defender, DLP,
  Compliance Center, Intune).
• Hands‑on experience with Entra ID / Azure AD security configurations,
  Windows and macOS device management and security hardening.
• Understanding of ISO 27001 and/or SOC 2 Type II frameworks and compliance processes.
• Strong knowledge of identity and access management, cloud security, and
  endpoint security principles.

• Scripting/automation with PowerShell, KQL, or Azure Logic Apps.
• Exposure to incident response, compliance automation tools, and security operations.

• Security Operations Analyst Associate (SC-200)
• Identity and Access Administrator Associate (SC-300)
• Microsoft 365 Security Administrator Associate (MS-500)
• Azure Security Engineer Associate (AZ-500)

• ISC² Certifications such as SSCP, CISSP, or CCSP (not mandatory, but valued).

• Strong analytical and problem‑solving skills.
• Proactive in identifying security improvements and bringing initiatives to
  the table, with a focus on seeing them through to proper implementation.
• Ability to work independently and as part of a distributed team.
• Excellent verbal and written communication skills.
• Detail‑oriented with a commitment to security best practices and
  continuous improvement.