The Momba Group
Information Security Engineer (12-Month Contract)
Location: Des Moines, IA (onsite/hybrid). Only local candidates will be considered.

Overview
We're seeking a hands-on Information Security Engineer to strengthen our Microsoft-centric security posture and protect enterprise systems from evolving threats. This 12-month contract focuses on the Microsoft security stack (Defender XDR, Intune/Endpoint Manager, Microsoft Sentinel, Entra ID/Azure AD, Purview), with complementary administration of Palo Alto Networks next-generation firewalls (Panorama; Prisma Access optional). You'll monitor, detect, respond, and harden across cloud and on-prem, partnering closely with the Infrastructure, Network, and Application teams.

What You'll Do

Threat Detection & Response
Own triage and response in Microsoft Defender XDR (Endpoint, Identity, Office 365, Cloud Apps) and Microsoft Sentinel (SIEM/SOAR), using KQL analytics, custom analytics rules, playbooks, and automation. Hunt for threats using endpoint, identity, and network telemetry; build detection logic and enrichment pipelines. Lead incident response across identification, containment, eradication, recovery, and post-incident review; maintain IR runbooks.

Identity, Access & Device Security (Microsoft Entra ID/Azure AD + Intune)
Implement and tune Conditional Access, MFA, PIM, Identity Protection risk policies, and SSO app integrations. Harden device posture with Intune/Endpoint Manager (Windows security baselines, BitLocker, Defender AV/EDR, attack surface reduction rules, device compliance policies).

Cloud & Platform Hardening (Azure)
Improve security posture using Defender for Cloud recommendations; remediate high-risk misconfigurations across compute, storage, and PaaS. Apply Azure network security controls: NSGs, ASGs, Azure Firewall, WAF, Private Endpoints, and segmentation.

Network Security (Palo Alto)
Administer Palo Alto NGFWs and Panorama: security policies, App-ID/URL Filtering, User-ID, SSL decryption, threat profiles, and IPS. Optimize logging and integrations with Sentinel/Defender; support remote-access and site-to-site VPNs. Experience with Prisma Access or GlobalProtect is nice to have.

Vulnerability & Configuration Management
Coordinate scanning (e.g., Tenable/Qualys), validate findings, prioritize by risk, and drive remediation SLAs. Enforce Windows hardening (CIS/NIST baselines), patching cadence, and secure configurations for servers, endpoints, and Azure resources.

Data Protection & Compliance
Implement Microsoft Purview / Information Protection (sensitivity labels, DLP, Insider Risk) and monitor policy effectiveness. Map controls to frameworks (NIST CSF, CIS Controls, ISO 27001; plus PCI, HIPAA, and SOX as applicable) and contribute to audit evidence.

Automation, Telemetry & Documentation
Build SOAR/Logic Apps automation in Sentinel; script with PowerShell and KQL for response, enrichment, and reporting. Publish playbooks, SOPs, and knowledge articles; deliver metrics (MTTD/MTTR, incident volumes, vulnerability risk burn-down).

What You'll Bring

Experience: 3-5+ years in information security engineering or SOC/IR roles with significant Microsoft security exposure.
Microsoft Stack Expertise: Defender XDR (Endpoint, Identity, Office 365, Cloud Apps) tuning and response; Microsoft Sentinel (KQL, analytics rules, UEBA, playbooks/Logic Apps); Entra ID/Azure AD (Conditional Access, MFA, PIM, Identity Protection); Intune/Endpoint Manager (baselines, compliance, ASR, BitLocker); Defender for Cloud posture management; Azure security fundamentals.
Network/Palo Alto: Administering Palo Alto NGFWs and Panorama (policies, objects, IPS profiles, decryption, VPN); solid grasp of TCP/IP, routing, DNS, DHCP, TLS, and segmentation.
Vuln Mgmt: Tenable/Qualys (or similar), CVSS understanding, remediation workflows.
Scripting & Analytics: Strong PowerShell; comfortable with KQL for hunting and dashboards.
Security Concepts: EDR/XDR, SIEM/SOAR, IAM, PKI, DLP, encryption, zero trust, least privilege, logging/telemetry design.
Soft Skills: Analytical mindset, clear written and verbal communication, ability to partner cross-functionally and drive outcomes.

Nice-to-Have
Certifications: SC-200, SC-300, AZ-500, MS-500, SC-400, Palo Alto PCNSA/PCNSE, Security+, GCIH/GCED.
Experience with Prisma Access, GlobalProtect, Windows Server/AD hardening, PKI/Certificate Services, or M365 tenant hardening. Exposure to container/Kubernetes security (AKS), IaC guardrails (Bicep/Terraform with Policy), or secret management (Key Vault).

Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Information Technology
Industries: Food and Beverage Manufacturing