System Security Engineer

• Design, implement, and manage security solutions across Active Directory, ADFS, and Exchange (on-premise and hybrid).
  
• Harden and secure endpoints, infrastructure, and communications systems against evolving cyber threats.
  
• Automate security tasks and perform system audits using PowerShell and other scripting tools.
  
• Manage patching processes using WSUS, SCCM, or third-party tools.
  
• Integrate security logs and data into SIEM platforms and support threat detection/response initiatives.
  
• Collaborate with IT and business units to enforce identity and access management policies including MFA and Zero Trust architectures.
  
• Support compliance efforts aligned with ISO 27001, NIST, and CIS Controls.
  
• Assess and respond to security incidents using frameworks like MITRE ATT&CK.
  
• Continuously evaluate and improve system and application security controls.
  

Required:

• Bachelor’s degree in Information Security, Computer Engineering, or related field.
  
• One or more of the following certifications:
  
  

-Microsoft Certified: Security Operations Analyst
Associate (MS-SC200)

-Microsoft Certified: Identity and Access
Administrator Associate (SC-300)

-Microsoft Certified Cybersecurity Architect
Expert

Preferred:

• Master’s degree in Information Security or Computer Engineering
  
• Additional certifications such as:
  
  

-Systems Security Certified Practitioner (SSCP)

-CompTIA Cybersecurity Analyst (CySA+)

-Certified Information Systems Security
Professional (CISSP)

Experience & Knowledge Requirements:

• 5+ years of experience in Windows infrastructure
  security (Active Directory, Exchange, endpoint hardening)
  
• In-depth knowledge of:
  

-Active Directory (LDAP, Kerberos, Group Policy,
ADFS)

-Exchange security (transport rules,
SPF/DMARC/DKIM, hybrid configurations)

-Patch management systems (WSUS, SCCM, etc.)

• Strong
  PowerShell scripting capabilities for security automation and audits
  
• Proficient in
  Zero Trust architecture and multi-factor authentication practices
  
• Understanding
  of compliance frameworks: ISO 27001, NIST, CIS Controls
  
• Experience
  integrating with on-premise SIEM solutions
  
• Familiarity
  with MITRE ATT&CK and advanced threat detection techniques
  
• Solid
  background in systems, networks, and/or application security
  

• Security architecture and system
  hardening
  
• Scripting and automation (PowerShell)
  
• Threat detection, SIEM integration, and
  log analysis
  
• Identity and access management (IAM)
  
• Compliance and regulatory knowledge
  
• Problem-solving and incident response
  
• Strong communication and documentation
  skills