Job Description: Onsite Security Engineer Role Overview The Onsite Security Engineer is responsible for managing and supporting enterprise security technologies at the client location. This includes Endpoint Detection & Response (EDR), Extended Detection & Response (XDR), Microsoft Security stack, network security controls, cloud security, and secure internet gateways. The role requires hands‑on expertise in Microsoft Defender ecosystem, Azure security, Cisco firewalls, and automation using PowerShell, ensuring proactive threat detection, response, and compliance with security standards.Key Responsibilities Security Operations & Threat ManagementManage and monitor EDR/XDR platforms for threat detection and response.Investigate security incidents, alerts, and anomalies and provide timely remediation.Perform threat hunting and root cause analysis.Maintain security baselines and hardening standards.Microsoft Security & IdentityManage Microsoft 365 Security including email protection, anti-phishing, Safe Links, and Safe Attachments.Support Entra ID (Azure AD) security configurations including conditional access, MFA, and identity protection.Ensure compliance with Microsoft security best practices and frameworks.Cloud Security (Azure)Secure Azure environments including VMs, storage, networking, and identity.Implement Microsoft Defender for Cloud recommendations and policies.Monitor cloud security posture and remediate risks.Support secure architecture and governance in Azure environments.Cisco Firewalls & Network SecurityManage and support Cisco firewalls including configuration, policy management, VLANs, and VPNs.Implement and maintain secure internet gateways such as Zscaler.Monitor and troubleshoot network security incidents.Support segmentation and zero trust network initiatives.Endpoint SecuritySecure Windows servers and endpoints through patching, hardening, and monitoring.Ensure endpoint compliance using Microsoft Defender and related tools.Support vulnerability management and remediation.Automation & ScriptingDevelop and maintain PowerShell scripts for automation of security tasks.Integrate security tools and workflows for improved efficiency.Support automation in incident response and reporting.Manage incidents and service requests via ITSM tools (ServiceNow or equivalent).Ensure SLA adherence and proper documentation.Coordinate with SOC, cloud, and infrastructure teams.Required Skills & Qualifications Technical SkillsStrong hands‑on experience with Microsoft Defender suite (Endpoint, Office 365, Cloud).Experience with EDR/XDR platforms.Expertise in Azure security and cloud governance.Strong knowledge of Cisco firewalls, VLANs, and VPNs.Experience with Zscaler or similar secure web gateway solutions.Proficiency in PowerShell scripting and automation.Understanding of networking concepts (TCP/IP, DNS, routing, segmentation).Familiarity with SIEM/SOAR tools is a plus.Knowledge of security frameworks (NIST, ISO 27001, CIS benchmarks).Soft SkillsStrong analytical and problem‑solving skills.Excellent communication and stakeholder management skills.Ability to work independently in a client‑facing onsite role.Strong documentation and reporting skills.Education & ExperienceBachelor’s degree in Information Security, Computer Science, or related field.5–10 years of experience in cybersecurity / security engineering roles.Relevant certifications preferred: Microsoft Security, Azure Security Engineer, CISSP, CEH, or equivalent.Work ConditionsStandard business hours with on‑call support for critical incidents.#J-18808-Ljbffr