Security and Compliance Engineer

Security and Compliance Engineer

Department: IS&T

Employment Type: Full Time

Location: Shield Technology Partners - Remote

Reporting To: Ryan Eastman

Compensation: $150,000 - $200,000 / year

We are seeking a highly skilled Security and Compliance Engineer to join the IS&T team at Shield Technology Partners. This role is critical in fortifying our internal infrastructure, specifically focusing on the Microsoft ecosystem and our expanding SaaS portfolio. You will be responsible for the architecture, enforcement, and continuous monitoring of our security posture to ensure we meet the highest industry standards.

This role will require occasional travel for in‑person company meetings.

Core duties and responsibilities include the following. Other duties may be assigned:

• Design and implement security configurations within Azure and M365 to mitigate identity‑based threats.
• Manage and audit Microsoft Entra  (formerly Azure AD), including Conditional Access policies, Privileged Identity Management (PIM), and Identity Protection.
• Conduct regular security assessments of the M365 tenant using Microsoft Secure Score and industry benchmarks.

• Lead the integration of all internal SaaS applications behind Single Sign‑On (SSO) via Entra .
• Enforce Multi‑Factor Authentication (MFA) and passwordless strategies across all corporate platforms.
• Monitor and secure API‑based integrations between SaaS products to prevent data leakage and unauthorized access.

• Oversee the deployment and management of Mobile Device Management (MDM) via Microsoft Intune for a diverse fleet of devices.
• Administer and tune Sentinel One (or equivalent EDR) for proactive threat hunting, automated response, and endpoint hardening.
• Develop automated remediation scripts to address non‑compliant devices in real‑time.

• Act as the primary technical lead for internal security alerts, investigating potential breaches and coordinating response efforts.
• Configure and monitor logging and alerting systems to identify anomalous behavior across the cloud environment.
• Perform root cause analysis (RCA) following security incidents to improve defensive layers.

• Ensure the organization’s technical controls align with relevant compliance frameworks (e.g., SOC2, ISO 27001, or NIST).
• Maintain comprehensive documentation of security architectures, policies, and standard operating procedures (SOPs).
• Coordinate internal audits and vulnerability scans, ensuring timely remediation of discovered weaknesses.

Education and work experience:

• Bachelor’s or Master’s degree in Computer Science, Information Systems, or a related technical field.
• 10+ years of progressive leadership experience in IT operations, systems architecture, or engineering management.

Skills and knowledge:

• Platform Expertise: Deep technical knowledge of Azure, Microsoft Entra , and the M365 Security & Compliance Centers.
• Security Tooling: Hands‑on experience with EDR/XDR platforms (Sentinel One preferred) and MDM solutions (Intune).
• Identity Architecture: Proficiency in SAML 2.0, OAuth 2.0, and OIDC for SaaS integrations.