Responsibilities Own the day-to-day security operations for a HIPAA-regulated, cloud-only environment Harden Microsoft security stack, run incident response, hunt threats, and build the security program Investigate alerts, tune detections, close gaps in Conditional Access, ensure compliance posture Manage and refine Conditional Access policies, administer Privileged Identity Management (PIM) Harden Exchange Online Protection and own email authentication projects Write and tune KQL queries in Microsoft Defender Advanced Hunting and triage alerts Implement Microsoft Purview information protection labels, DLP policies, and retention rules Execute posture improvement roadmaps with external Microsoft security partner Requirements 3+ years in a hands-on security operations, security engineering, or security analyst role Deep working knowledge of Microsoft 365 security stack: Defender for Office 365, Entra ID, Conditional Access, Intune Experience investigating and remediating email compromise, phishing, and identity-based attacks Hands-on experience with email authentication (SPF, DKIM, DMARC) and Exchange Online Protection / Defender for Office 365 Proficiency with KQL for threat hunting and log analysis Understanding of HIPAA security requirements and how they translate to technical controls Ability to work independently and prioritize in a fast-moving environment with minimal bureaucracy. #J-18808-Ljbffr