Security Engineer, Data
Applied Systems India Private Limited · Bengaluru, Karnataka, India
Software Development · 201-500 employees
About the role
Design and operate data protection and endpoint security infrastructure using the Microsoft Defender and Purview ecosystems. Own the deployment of data governance, DLP, and CASB capabilities to prevent breaches and ensure regulatory compliance.
What they look for
Requirements
Requires at least 3 years of security engineering experience with deep expertise in Microsoft's modern security stack and DLP solutions. Proficiency in scripting languages and knowledge of compliance frameworks like SOC 2, HIPAA, and GDPR is essential.
Full description
External Job Ad
Applied Systems is seeking an Infrastructure Security Engineer with deep expertise in the Microsoft Defender and Purview security ecosystems to design and operate our data protection and endpoint security infrastructure. You'll own the deployment and optimization of Microsoft Purview data governance and DLP, and Cloud App Security (CASB) capabilities across our Microsoft 365 environment. This role is perfect for an engineer who specializes in data security and has built real expertise with Microsoft's modern security stack, you'll work on high-impact initiatives around data classification, breach prevention, compliance automation, and endpoint threat response. You'll have the autonomy to own specific security domains while collaborating with cross-functional teams and incident response.ResponsibilitiesDesign, implement, and maintain security controls across the Microsoft Defender suite and data protection platformsDesign and deploy Microsoft Purview solutions including data classification, labeling, DLP, information barriers, and records managementImplement and manage Microsoft Purview Compliance Manager and audit logging for regulatory complianceDesign and maintain data security controls including Data Loss Prevention (DLP), encryption, and classification strategiesConduct security reviews and threat modeling of data flows and information governance modelsImplement and optimize Microsoft Cloud App Security (CASB) capabilities for SaaS application security and visibilityDevelop and maintain runbooks for data breach procedures and incident response involving Defender and Purview solutionsContribute to security monitoring, detection tuning, and alerting across Defender and Purview platformsAssist with proof-of-concept builds for new Microsoft Defender and Purview capabilitiesParticipate in the Security Engineering Team on-call rotationRequirementsMinimum of 3 years' experience in security engineering or data security, with hands-on work with Microsoft security productsAdvanced hands-on experience with modern DLP solutionsDemonstrated experience designing and implementing Microsoft Purview solutions for data governance and complianceWorking knowledge of Data Loss Prevention (DLP) design, policy creation, and tuning across email, Teams, and endpointsStrong understanding of data classification and sensitivity labeling strategies in Microsoft 365 environmentsExperience with Microsoft Cloud App Security (CASB) or equivalent CASB technologies for SaaS visibility and controlAdvanced knowledge of Windows and/or macOS operating systems, particularly regarding Defender for Endpoint agent deployment and managementExperience with one or more scripting languages (PowerShell, Python, Bash, C#)Knowledge of encryption technologies and key management in Microsoft 365 contextUnderstanding of audit logging, threat intelligence integration, and advanced hunting in Defender platformsKnowledge of compliance frameworks and their application in cloud environments (SOC 2, HIPAA, GDPR, PCI-DSS)Demonstrated ability to work with systems at scaleExcellent written and verbal communication skillsStrong problem-solving abilities and attention to detailPreferred QualificationsHands-on experience with Microsoft Purview Compliance Manager and regulatory compliance automationWorking knowledge of Microsoft Entra ID (formerly Azure AD) integration with Defender and Purview solutionsFamiliarity with Azure infrastructure (Azure Firewall, Network Security Groups, etc.)Experience with infrastructure-as-code technologies (Terraform, ARM templates, Bicep)Microsoft security certifications (Security Engineer, Enterprise Administrator, or similar)Experience with SIEM/SOAR integration with Microsoft Defender solutions