MSP Engineer - Azure Government & Microsoft Office 365 GCC High

MSP Engineer - Azure Government & Microsoft Office 365 GCC High

Join the front lines of cloud defense with Agile IT as an MSP Security Engineer. In this role, you'll be the guardian of our clients' Microsoft Cloud environments, ensuring they stay secure, compliant, and resilient against cyber threats. This position is at the heart of our managed security services (AgileDefend), working with cutting-edge Microsoft security tools in Azure and Microsoft 365 to meet CMMC Level 2 and other regulatory requirements. You'll spend your days hunting for threats, fine-tuning defenses, and automating away inefficiencies – one moment diving into log analytics, the next scripting a fix to a recurring issue. If you love the idea of combining blue-team vigilance with clever automation (and earning high-fives for every thwarted incident), you'll thrive in our fast-paced, collaborative environment that values both security excellence and continuous learning.

Key Responsibilities

• Security Administration: Administer and maintain a suite of Microsoft security and compliance solutions for multiple clients. This includes managing Azure AD/Entra ID configurations, Microsoft Defender for Endpoint/Office 365/Cloud Apps, Microsoft Sentinel SIEM, Intune endpoint management, and Purview compliance features. Ensure that security baselines and configurations across these tools are consistently enforced and aligned with each client's policies and CMMC requirements.
• Threat Monitoring & Incident Response: Monitor security alerts and events across client environments using our SOC tools (XDR and SIEM). Investigate incidents (phishing attempts, malware detections, suspicious logins, etc.) by analyzing logs and telemetry. Execute incident response playbooks to contain and remediate threats in a timely manner. You will be on the front line to triage issues, perform root cause analysis, and recommend improvements to prevent future incidents.
• Alert Tuning & Noise Reduction: Continuously tune detection rules and thresholds to improve signal-to-noise ratio. Leverage Kusto Query Language (KQL) and advanced hunting queries in Microsoft Sentinel/Defender to create custom detections that catch real threats while minimizing false positives. Adjust alerting based on emerging threat patterns and the unique needs of each client's environment, all with the goal of reducing alert fatigue and focusing on what matters most.
• Automation & Scripting: Develop automation scripts and workflows to streamline security operations tasks and ensure compliance evidence is captured. Use tools like PowerShell, Azure Logic Apps, or API integrations to automate repetitive tasks (for example, user onboarding/offboarding in Azure AD, or bulk policy changes) and to integrate security data between systems. Implement RMM (Remote Monitoring and Management) scripts to deploy patches or configuration changes at scale, thereby saving time and reducing human error.
• Documentation & Compliance Evidence: Maintain comprehensive documentation for all security operations activities. This includes updating network diagrams, runbooks, incident logs, and knowledge base articles. Ensure that for every change or incident, appropriate evidence is collected and stored to support CMMC Level 2 compliance and client audit needs. You'll contribute to quarterly reports and executive briefings by providing the technical details and metrics that demonstrate security posture improvements. Use AI to assist in automating production and validation of documentation.
• Client Education & Collaboration: Work closely with the Customer Success Manager and compliance consultants to educate clients on security best practices and emerging threats. Participate in Quarterly Business Reviews (QBRs) with clients to present security updates, discuss findings from incidents or assessments, and outline planned improvements. By translating technical jargon into clear, relatable insights, you help clients understand the value of our services and how we're keeping them safe.
• Continuous Improvement: Stay current on the latest cybersecurity threats, Microsoft cloud security updates, and industry trends. Proactively recommend and implement enhancements to our managed security service – whether it's adopting a new Microsoft security feature, improving an internal process, or contributing to team training sessions. In our culture, every engineer has a voice in how we get better.