Job Description: Microsoft Security Engineer

Department IT / Security Operations

Reports To Managed Services Lead

Location UAE

Salary Range AED 6,000 – 8,000 per month

Employment Type Full-Time

Role Summary

We are seeking a Microsoft Security Engineer to manage and optimize our Microsoft 365 

security stack, including Entra ID (Azure AD), Microsoft Defender suite, and related identity and 

data protection services. This role combines day-to-day security administration with active 

participation in incident detection, investigation, and response alongside our SOC team.

Key Responsibilities

• Administer and optimize Microsoft Entra ID (Azure AD) security controls including 

Conditional Access policies, MFA enforcement, Privileged Identity Management (PIM), 

and access reviews.

• Manage Microsoft Defender for Endpoint, Defender for Office 365, Defender for Cloud, 

and Defender for Cloud Apps — including alert tuning, policy configuration, and falsepositive reduction.

• Monitor and investigate security alerts from Microsoft 365 security signals; perform 

triage, scoping, and escalation in coordination with the 24×7 SOC.

• Handle email security operations including phishing/BEC investigation, quarantine 

management, and submission workflows via Defender for Office 365.

• Conduct monthly Microsoft Secure Score reviews and drive posture improvement 

initiatives across identity, endpoint, email, and cloud workloads.

• Support DLP policy monitoring and tuning through Microsoft Purview (where enabled 

and delegated).

• Implement and document configuration changes through an agreed change 

management process with pre/post validation.

• Produce monthly operational reports covering alerts, incidents, security posture trends, 

and improvement backlogs.

• Collaborate with the SOC team on incident response coordination for P1/P2 Microsoftrelated incidents, including evidence preservation and root cause analysis.

• Participate in security awareness initiatives and provide guidance on Microsoft 365 

security best practices to internal stakeholders.

Required Qualifications & Certifications

• Microsoft certification: SC-200 (Security Operations Analyst) or SC-300 (Identity and 

Access Administrator) or equivalent (mandatory).

• 3+ years of hands-on experience administering Microsoft 365 security services (Entra 

ID, Defender suite, Purview).

• Strong understanding of identity and access management concepts, Conditional Access 

design, and Zero Trust principles.

• Experience with email security (anti-phishing, anti-spam, safe attachments/links) and 

incident investigation workflows.

• Familiarity with SIEM/SOAR integration of Microsoft security signals and log forwarding.

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a 

related field.

Preferred Qualifications

• Additional certifications: AZ-500 (Azure Security Engineer), MS-500, or SC-400.

• Experience with Microsoft Sentinel or other cloud-native SIEM platforms.

• Exposure to hybrid identity environments (on-prem AD + Entra ID sync).

• Experience working in a Managed Security Services or SOC environment.

• Knowledge of compliance frameworks relevant to the UAE (e.g., NESA, Central Bank 

regulations).