IT Security Engineer (L3)

United States of America

Full Time

1 hour ago

$105,000 - $125,000 USD

Visa Sponsor

Key skills

Microsoft SentinelKQLMicrosoft PurviewDLPSensitivity labelseDiscoveryMicrosoft Defender XDRDefender for EndpointDefender for Office 365Defender for Cloud AppsmacOS administrationShell scriptingbashzshMicrosoft 365 E5 license tierMicrosoft 365 E7 license tierMicrosoft Security CopilotMicrosoft Global Secure AccessGCP IAMWorkload Identity FederationIAM roles and bindingsVantaGRC automation toolingEnterprise password managementHITRUST CSF i1HITRUST CSF r2ISO 27017ISO 27018SCIM provisioningMicrosoft Graph PowerShell SDKApp-only authenticationCustom Entra app registrationsConditional Access policy designAzure VM administrationDocker Compose administrationSharePoint Online administrationViva ConnectionsApple Business ManagerAutomated Device EnrollmentWindows AutopilotPrioritization judgmentShellBashPowerShellAnalyticsAzureGCPDockerIAMEntra IDSingle Sign-OnSaaS

About this role

Synthesis Health is a mission- and values-driven company focused on revolutionizing healthcare through innovation. They are seeking an IT Security Engineer to manage their Microsoft 365 environment and ensure security operations for a fully remote healthcare SaaS company.

Responsibilities:

End-user IT support: first point of contact for the company across Microsoft 365, identity, devices, SaaS access, and general technology issues, with ownership of the internal support queue
Endpoint administration across macOS and Windows: Intune compliance and configuration policies, application deployment, endpoint DLP, OS update management
Entra ID operational ownership: Conditional Access lifecycle, group and license hygiene, access reviews, PIM
Microsoft Purview, Sentinel, Defender, and Global Secure Access: ongoing tuning, alert triage workflows, evidence pipelines, secure access policy management
Automation and integration: building and maintaining workflows across our SaaS estate using APIs, webhooks, and appropriate tooling
Joiner-mover-leaver execution and the tooling that supports it
Compliance evidence generation and audit support across our compliance frameworks
SaaS administration hygiene: Vanta posture, app registrations, license reconciliation
Identifying opportunities to improve, replace, or consolidate our existing tooling

Requirements:

Microsoft Sentinel: KQL, data connectors, analytics rules, workbook authoring, cost management
Microsoft Purview hands-on: DLP, sensitivity labels, retention, eDiscovery
Microsoft Defender XDR: Defender for Endpoint, Defender for Office 365, Defender for Cloud Apps
macOS administration: configuration profiles, shell scripting (bash, zsh)
Experience operating in a one-person or small-team IT environment, with the prioritization judgment that comes from it
Microsoft 365 E5 or E7 license tier experience specifically
Microsoft Security Copilot exposure
Microsoft Global Secure Access: Internet Access, Private Access, traffic forwarding profiles
macOS administration at depth: declarative device management, Platform Single Sign-On
GCP IAM exposure: Workload Identity Federation, org policies, IAM roles and bindings
Vanta or comparable GRC automation tooling
Enterprise password management administration
HITRUST CSF i1 or r2 familiarity
ISO 27017 and ISO 27018 cloud-specific control familiarity
SCIM provisioning experience across multiple SaaS applications
Self-hosted automation platform experience including deployment, upgrades, and monitoring
Microsoft Graph PowerShell SDK at an advanced level: app-only authentication, custom Entra app registrations
Conditional Access policy design at scale, including structured policy taxonomies
Azure VM and Docker Compose administration
SharePoint Online administration and Viva Connections
Apple Business Manager and Automated Device Enrollment workflows
Windows Autopilot deployment experience
Experience supporting a SOC 2 Type II or ISO 27001 Stage 2 audit as the named technical owner