Senior IT Security Engineer (Microsoft Security Solution) (k/m/d) (Hybrid)
Duchnice, PL
Join Rezon Bio, where biotech experts create biologics that improve lives worldwide - not by following the old rules, but by finding better, more reasonable ways to do things.
Built on the excellence of Polpharma Biologics, Rezon Bio is evolving into a Contract Development and Manufacturing Organization (CDMO) with a clear reason: to challenge the status quo and raise the bar in biotech.
With state-of-the-art centers in Gdańsk and Warsaw-Duchnice, we offer career opportunities across science, technology, and business for those who want their work to truly resonate.
Work alongside 1,300 professionals who combine global ambitions with local roots – driven by science, purpose, innovation, and respect for diversity.
As a Senior IT Security Engineer, you will play a pivotal role in engineering, operating, and optimizing cutting-edge security controls throughout our enterprise IT and hybrid cloud platforms. You’ll work directly with leading technologies—Microsoft Defender, Microsoft Sentinel, Microsoft Entra, and Azure Purview—to enhance detection, incident response, identity security, and data governance. This is a hands-on role with advanced responsibilities in SIEM engineering, threat analysis, and the continuous hardening of both cloud and on-prem workloads.
Your responsibilities
- Engineer, deploy, and maintain enterprise-grade security platforms, including EDR/XDR (Microsoft Defender), SIEM (Microsoft Sentinel), NDR, and vulnerability management systems.
- Work in the capacity of a project manager, driving the implementation of various solutions and acting as the interface between internal and external stakeholders.
- External stakeholder management.
- Manage and harden identity and access management using Microsoft Entra, including advanced configurations for Conditional Access, MFA, identity governance, PIM, and workload identities.
- Lead incident response, collaborating with SOC and IT teams. Design and optimize detection rules, threat-hunting queries, KQL analytics, automated playbooks, and custom connectors within Microsoft Sentinel.
- Serve as a subject matter expert, reviewing application stacks, identity configurations, and infrastructure for security best practices and recommending strategic hardening.
- Continuously assess and improve the security posture of cloud and on-prem systems, ensuring optimal endpoint protection, identity security, and compliance.
- Drive vulnerability management and remediation, prioritizing findings, validating fixes, and coordinating with cross-functional teams.
- Define and validate technical requirements for penetration testing, security assessments, and red teaming initiatives.
- Develop, maintain, and evolve security standards, hardening guides, and operational runbooks aligned with ISO 27001, NIST CSF, and CIS Benchmarks.
- Support advanced data classification, loss prevention, and governance initiatives with Microsoft Purview.
Our expectations
- Professional Experience: 5+ years in cybersecurity engineering or security operations, with a strong foundation in systems engineering, cloud security, and enterprise security toolsets.
- Technical Mastery: Deep expertise in Microsoft Defender (EDR/XDR), Microsoft Sentinel (SIEM), Microsoft Entra (identity security), and Azure Purview (data governance). Comprehensive knowledge of Windows and Linux security, endpoint telemetry, and OS internals. Hands-on experience with Azure security services, threat actor TTP analysis, MITRE ATT&CK mapping, and detection engineering.
- Incident Response & Automation: Demonstrated skills in incident response, threat hunting, log analysis, and forensics. Proficiency in scripting/automation (PowerShell, KQL, Python, Bash) to enhance detection engineering and operational excellence.
- Vulnerability Management: Practical experience with vulnerability management platforms and remediation processes.
- Soft Skills: Fluent English, strong communication, project management, and collaborative abilities. Able to bridge technical depth with cross-functional teamwork.
- Education & Certifications: Degree in IT, Cybersecurity, Computer Science or related field (preferred). Certifications such as AZ-500, SC-200, SC-300, CISSP, OSCP, or similar highly valued.
- Language: Fluent command of the English language is required.
What we offer
- The opportunity to architect and operate a state-of-the-art, cloud-integrated security ecosystem at a biotech company.
- Daily collaboration with highly experienced security engineers and architects in a culture of technical excellence.
- A stimulating environment that prizes continuous learning, innovation, and professional growth.
- B2B contract.
- Hybrid style of work (with ability to work mostly remotely).
- Competitive compensation, robust development opportunities, and a dynamic, forward-thinking engineering culture.
We fuel your professional growth and back it with a comprehensive benefits package. Our advanced facilities support both commercial-scale production and cutting-edge R&D, making us one of the most modern biotech organizations in Europe.
Here your ideas resonate and drive meaningful change. With continuous learning opportunities, many experts have already found their reason to return or relocate to Poland and grow their careers with us.
Does this resonate with you?
Learn more at RezonBio.com/careers and on LinkedIn