Security Engineer (Microsoft 365 Security & Detection)

Description

Due to continuing growth, we are seeking a Security Engineer focused on securing and monitoring a Microsoft 365–centric environment. This role is responsible for detecting and responding to threats across Entra ID (Azure AD), Microsoft Defender, Intune-managed endpoints, and Microsoft 365 services including Exchange Online, SharePoint, and Teams.

You will play a key role in improving visibility, strengthening access controls, and building scalable detection and response capabilities across cloud and endpoint systems.

Who we are:

Platform Accounting Group is a rapidly growing professional services firm providing tax, accounting, assurance, IT consulting, and wealth management services to small and medium sized businesses and their owners. We currently have 50+ offices across 15 states with much more growth on the horizon. Enjoy a professional and dynamic work environment while making work/life balance a priority.

What you will do:

- Monitor and investigate alerts across Microsoft Defender (Defender for Endpoint, Defender for Identity, Defender for Office 365) and associated security platforms
- Analyze Entra ID (Azure AD) sign-in logs, audit logs, and risky sign-in activity to identify potential account compromise or misuse
- Respond to security incidents involving endpoints, identities, email, and collaboration platforms
- Tune and optimize detection rules, alert thresholds, and signal-to-noise ratios within SIEM and Microsoft security tools
- Perform log analysis and basic threat hunting using tools such as Microsoft Sentinel, Defender Advanced Hunting, and audit logs
- Implement and validate Conditional Access policies, MFA enforcement, and identity protection controls
- Support endpoint security through Intune and Defender for Endpoint, including policy enforcement, device compliance, and response actions
- Collaborate with IT to harden Microsoft 365 configurations (Exchange Online, SharePoint, Teams) and reduce attack surface
- Support vulnerability management by identifying gaps and coordinating remediation across systems and endpoints
- Maintain clear and audit-ready documentation of incidents, controls, and response activities
- Assist with eDiscovery, audit requests, and compliance-related investigations when required
- Identify gaps in monitoring, coverage, or controls and recommend improvements to security architecture

What we look for:

Core Knowledge & Experience

- Strong understanding of Microsoft 365 security architecture, including Entra ID, Exchange Online, SharePoint, and Teams
- Experience with Microsoft Defender security stack (Defender for Endpoint, Office 365, Identity, or Cloud Apps)
- Familiarity with identity security concepts such as MFA, Conditional Access, and identity risk
- Experience with endpoint management and security using Microsoft Intune or similar platforms
- Working knowledge of incident response processes and common attack techniques (phishing, credential abuse, lateral movement)

Technical Skills (One or More of the Following)

- Log analysis and threat hunting using Microsoft Sentinel or Defender Advanced Hunting (KQL experience preferred)
- Experience configuring and tuning alerts in SIEM, EDR, or cloud-native security tools
- Scripting or automation using PowerShell, KQL, or Python
- Experience with email security, phishing analysis, and investigation within Exchange Online

Operational & Behavioral Skills

- Ability to investigate and document security incidents with clarity and precision
- Strong communication skills with both technical and non-technical stakeholders
- Ability to collaborate across IT, infrastructure, and compliance teams
- Strong ownership mindset and ability to drive issues through resolution
- Continuous learning mindset with interest in cloud security and advanced detection

Preferred, But Not Required

- Experience with Microsoft Purview (compliance, audit, or eDiscovery)
- Familiarity with regulatory or compliance frameworks (e.g., SOC 2, GLBA, HIPAA)
- Exposure to automation, detection engineering, or security orchestration (SOAR)
- Experience supporting security operations in a cloud-first or hybrid environment
- Experience with AVD and Azure infrastructure

What we offer:

- Opportunity for advancement within a rapidly growing professional services firm
- Competitive compensation
- 401(k) and medical benefits