Negotiable
Undetermined
Remote
United Kingdom
Summary: The role of Sr. M365 Security Engineer involves hands-on experience in managing Microsoft 365 security tools, particularly focusing on email security and incident response. Candidates must have practical experience in handling security incidents such as phishing and business email compromise. The position requires a strong understanding of identity and endpoint security within enterprise-scale environments. This role emphasizes a proactive approach to cybersecurity challenges and the implementation of Zero Trust security principles.
Key Responsibilities:
- Email Security (Primary Focus)
  - Configure and manage Anti-Phishing, Safe Links, and Safe Attachments policies
  - Investigate and respond to phishing, spoofing, and BEC incidents
  - Use Threat Explorer and Automated Investigation and Response (AIR)
  - Implement and manage SPF, DKIM, and DMARC
  - Improve detection accuracy while minimizing false positives
- Security Stack
  - Work with Microsoft Defender (Endpoint, Identity, Cloud Apps)
  - Manage endpoint security through Intune
  - Configure Conditional Access, MFA, and PIM in Entra ID
  - Perform incident investigation and response
- Environment Exposure
  - Support enterprise-scale M365 environments
  - Implement Zero Trust security principles
  - Integrate with SIEM tools (preferred)
Key Skills:
- Strong hands-on experience with M365 Security tools
- Ability to independently investigate and resolve security incidents
- Solid understanding of identity, endpoint, and email-based threats
- Practical, problem-solving approach to security challenges
Salary (Rate): undetermined
City: undetermined
Country: United Kingdom
Working Arrangements: remote
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT
Location: UK / Remote
Must have UK rights to work. No Visa sponsorship offered.
Experience: 4–8 Years
We are hiring a hands-on M365 Security Engineer with strong experience in the following areas:
- Microsoft Defender for Office 365 (MDO) – mandatory
- Microsoft Intune (Endpoint Security)
- Entra ID (Identity and Access Management)
This role focuses on practical security operations. Candidates should have real experience handling phishing, spoofing, or business email compromise (BEC) incidents.
Not Suitable For
- Candidates with certifications only and no practical experience
- Limited or no exposure to Defender for Office 365 or email security
- Minimal involvement in incident handling
Why Join
- Work on real-world cybersecurity challenges
- Exposure to enterprise-scale environments
- Opportunity to contribute to and own security architecture