
Lead MS Security Engineer
Paladin Consulting, Fort Worth, TX, United States
Job Title:
Security Engineer II (MS Lead)
Work Location:
Downtown Fort Worth (on-site)
Duration:
6-month contract-to-hire
Education/Experience Required:
Microsoft Security stack subject matter expertise (SME)
Job Description & Responsibilities:
Engineer, configure, and maintain Microsoft Defender suite (Defender for Endpoint, Defender for Identity, Defender for Office 365, Defender for Cloud Apps) across the enterprise environment
Manage daily security alert triage, investigation, and remediation while simultaneously driving project backlog to completion
Design and architect security solutions for cross-functional teams including Networking, Service Delivery, and Digital Workplace to execute against
Lead a security engineering team of two direct peers, providing technical mentorship, workload prioritization, and escalation support
Administer and enforce security policies through Microsoft Entra ID (Conditional Access, identity governance, access reviews, lifecycle workflows)
Manage endpoint security posture via Microsoft Intune, including compliance policies, configuration profiles, and mobile device onboarding
Deploy and maintain Microsoft Security Baselines across endpoints and infrastructure
Develop and tune Attack Surface Reduction (ASR) rules in Defender aligned to current best practices
Implement and manage Microsoft Purview capabilities including Data Security Posture Management (DSPM) for AI
Audit and remediate stale user accounts, orphaned devices, interactive service accounts, and non-compliant endpoint objects within Active Directory
Enforce communication security controls such as external Teams messaging restrictions and authenticated SMTP policies
Evaluate, restrict, and block non-approved AI tools across the environment
Integrate security telemetry with SIEM/logging platforms (e.g., Defender for Identity to Sumo Logic)
Leverage Microsoft Security Copilot to augment investigation, reporting, and response workflows
Manage Secure Boot certificate updates and AD structural lockdowns for endpoint object organization
Collaborate with leadership on security roadmap and contribute to the team's growth trajectory toward a Security Manager function
Skills & Qualifications:
5-7+ years of hands-on security engineering experience with deep focus on the Microsoft Security stack
~2+ years of experience in a Team Lead or senior individual contributor role with direct responsibility for guiding peers or junior engineers
Subject Matter Expert-level proficiency across Microsoft Defender suite, Microsoft Entra ID, and Microsoft Intune
Strong working knowledge of Active Directory administration, Group Policy, and endpoint lifecycle management
Experience deploying and managing Microsoft Security Baselines and Attack Surface Reduction policies
Familiarity with Microsoft Purview, Security Copilot, and Microsoft 365 security and compliance tooling
Demonstrated ability to architect security solutions and hand off actionable implementation plans to cross-functional infrastructure teams
Experience integrating Microsoft security telemetry with third-party SIEM or log aggregation platforms
Ability to balance reactive alert-driven work with proactive project execution in parallel
Strong communication skills with the ability to translate technical security concepts for non-technical stakeholders and cross-functional teams
Microsoft security certifications (SC-200, SC-300, AZ-500, MS-102) are a plus but not required
Preferred / Nice-to-have Skills:
Experience with Sumo Logic for log aggregation, query building, or dashboard creation
Familiarity with Fortinet security products (FortiGate, FortiAnalyzer, or related)
Experience working alongside or within a ReliaQuest (GreyMatter) MSSP engagement, including alert co-management, tuning, or escalation workflows
For more information or to view other opportunities, visit us at www.paladininc.com.
Paladin Consulting is an EEOC employer.