Microsoft Cybersecurity Infrastructure Engineer

Job Title:

Microsoft Cybersecurity Infrastructure Engineer

Location:

Sunrise, FL

Position Overview:

This role is part of a global initiative to harmonize and secure the Microsoft environment across the enterprise. The ideal candidate will have deep technical expertise in Microsoft cybersecurity, with a strong emphasis on Active Directory, threat response, and incident recovery.

Primary Responsibilities:

• Contextualize and prioritize adversary containment and recovery efforts across multiple workstreams.
• Develop and execute comprehensive recovery plans in response to large-scale cybersecurity incidents, including ransomware attacks.
• Deploy forensic collection tools across complex enterprise environments.
• Proactively identify potential threats and provide mitigation strategies.
• Offer strategic recommendations to improve overall cybersecurity posture.
• Conduct regular audits on user access and role-based security.
• Participate in knowledge transfer to empower internal teams against evolving threats.

Ongoing Cybersecurity Initiatives:

• Research and summarize evolving security threats and response capabilities.
• Support and lead investigations into current attacks and threat actor behaviors.
• Document innovative solutions and suggest improvements to existing security protocols.
• Prioritize and validate technical indicators, developing tools for automation.

Required Qualifications:

• 5 years experience in the software development lifecycle, large-scale computing, cybersecurity, and anomaly detection.
• 3 years of experience in:
• Threat actor containment during incidents.
• Rapid recovery of infrastructure, especially Active Directory rebuild/restoration.
• Threat actor eviction post-investigation.
• Active Directory and related components (Kerberos, NTLM, Group Policy, Backup & Disaster Recovery, DNS, gMSAs).
• Proficiency in one or more query languages: KQL, SPL, SQL, etc.

Preferred Qualifications:

• 6 years in cybersecurity and large-scale IT operations.
• Proficiency in PowerShell and Bash scripting.
• Experience with:
• Security tools: Splunk, CrowdStrike Falcon, QRadar.
• Microsoft PKI (AD CS) and AD FS.
• Platforms: Linux and MacOS.
• Microsoft AI products: Security Copilot, Bing Copilot, GitHub Copilot, Office Copilot, Windows Copilot.
• Familiarity with DevOps: CI/CD, Infrastructure as Code, Configuration Management.
• Virtualization platforms: Hyper-V, VMware.
• Networking: routing, firewalls, ACLs, DHCP, packet analysis.
• Microsoft Purview and data governance strategies.
• Experience with data classification, labeling, posture management, and E5 security features.
• Knowledge of domain security best practices.
• Hands-on experience with Microsoft Azure and AD Migration tools (e.g., Quest).