Office 365 Security Administrator

Job Description:

Responsibilities:

• Collaborate with onsite IT and security teams to align Office 365 and Sentinel configurations with organizational policies and industry standards (e.g., NIST, ISO 27001, SOC 2).
• Stay informed about Microsoft updates, emerging threats, and best practices to recommend proactive improvements.
• Document configurations, tuning procedures, and monitoring workflows for operational continuity and audit readiness.

Qualifications:

• Bachelor s degree in Information Technology, Cybersecurity, Computer Science, or a related field (or equivalent experience).
• 5-8 years of experience in IT administration, with at least 3 years focused on Office 365 security configuration and administration.
• 1-2 years of hands-on experience with Microsoft Sentinel administration, tuning, and monitoring in a production environment.

Certifications Preferred:

• Microsoft 365 Certified: Security Administrator Associate.
• Microsoft Certified: Azure Security Engineer Associate.

Technical Skills:

• Expertise in Office 365 security configuration (e.g., DLP, ATP, Conditional Access, Secure Score).
• Proficiency in Microsoft Sentinel administration, including KQL for query development and playbook automation.
• Strong knowledge of Azure AD, PowerShell scripting, and Microsoft Defender tools.
• Familiarity with cloud security frameworks and log management principles.

Office 365 Security Administrator:

• dminister and configure security settings for Office 365 services, including Exchange Online, SharePoint Online, Microsoft Teams, and OneDrive.
• Set up and maintain Azure Active Directory (AAD) security features, such as Conditional Access policies, Multi-Factor Authentication (MFA), and role-based access control (RBAC).
• Configure Data Loss Prevention (DLP) policies, email encryption.
• Microsoft Defender for Office 365 to protect sensitive data and mitigate phishing threats.
• Regular security assessments should be conducted using tools like Secure Score, and recommended configurations should be implemented to improve security posture.
• Troubleshoot and resolve Office 365 security-related issues, ensuring minimal downtime and optimal user experience.

Microsoft Sentinel Administration:

• dminister Microsoft Sentinel, including onboarding data sources (e.g., Office 365, Azure AD, third-party systems) and managing connectors.
• Tune Sentinel detection rules and analytics using Kusto Query Language (KQL) to reduce false positives and improve threat detection accuracy.
• Monitor security events and incidents in real-time through Sentinel dashboards, investigating anomalies and coordinating responses with the security team.
• Develop and optimize automated playbooks for incident response using Azure Logic Apps integrated with Sentinel.
• Generate detailed reports and metrics on security incidents, trends, and system performance for management and compliance purposes.