Agile IT
MSP Engineer - Microsoft focused CyberSecurity (CMMC Level 2)
Agile IT, San Diego, California, United States, 92189
Company Description
Agile IT is a Microsoft-focused consulting and managed services provider. We help customers modernize and secure Microsoft 365, Azure, Azure Government, and Microsoft GCC High, with a mission to make CMMC Level 2 practical and sustainable through repeatable architectures, evidence automation, and managed operations.
What you'll work across (our services) Professional Services - Enablement (fixed-price projects) Managed Services - Security & CMMC Compliance for Microsoft cloud and on-premises systems Microsoft GCC High Licensing (secure onboarding & lifecycle operations) Complementary Partner Services (co-delivered with strategic partners) Job Description
You'll operate customer environments to CMMC Level 2 expectations, automate repetitive tasks, and continuously improve security and compliance outcomes. You're hands-on with Microsoft Defender, Sentinel, Entra ID, Intune, and Purview, and you love turning tickets into automations (Azure Logic Apps, RMM policies/scripts, or n8n workflows). You'll maintain SLAs/OLAs, reduce MTTR, and capture evidence for audits-without creating toil.
Responsibilities
Operate & secure Microsoft estates
Monitor, triage, and resolve incidents across Defender (Endpoint/Identity/Office/Cloud) and Microsoft Sentinel; tune analytics rules, KQL queries, and playbooks. Manage Entra ID (PIM, Conditional Access, MFA), Intune (compliance, baselines, hardening), and Purview (labels/DLP/insider risk). Maintain secure configurations for Azure (policy, RBAC, Key Vault, logging, networking) and common on-premises integrations (AD, file services, VPN, firewalls). CMMC L2 & compliance operations
Map operational work to NIST 800-171 practices; capture evidence automatically where possible (logs, reports, tickets). Contribute to control runbooks, SOPs, and customer artifacts (e.g., SSP/POA&M inputs in partnership with GRC resources). Support GCC High tenants and Azure Government as needed (we'll train where you need to ramp). Automation & reliability engineering
Build Azure Logic Apps/Power Automate playbooks, RMM scripts/policies, and n8n flows to eliminate manual steps (onboarding, patching, alert enrichment, evidence collection, remediation). Use PowerShell (and, when appropriate, Graph API, KQL, Bicep/Terraform) to codify repeatable operations. Measure results (time saved, error reduction, SLA impact) and iterate. Customer experience & service management
Work tickets to SLA; document root cause and preventive actions. Participate in on-call rotation for priority incidents (reasonable frequency). Contribute to QBRs with concise ops/health summaries and recommendations. Qualifications
Required qualifications
4+ years in an MSP or enterprise operations role supporting Microsoft 365/Azure security. Hands-on with Defender, Sentinel, Entra ID, Intune, and Purview (configure, monitor, remediate, and document). Automation experience in at least one of: Azure Logic Apps / Power Automate, RMM (policies, packaging, scripting), or n8n (or similar API integrators). PowerShell proficiency; able to read/write scripts for ops at scale. Solid ticket hygiene and service-management discipline (incident/problem/change). Strong written documentation (runbooks/SOPs) and clear customer communication. Education: College degree preferred, not required. Nice to have
Practical understanding of CMMC Level 2 (or NIST 800-171) and how to operate controls day-to-day (not just policy). Experience with Azure Government and Microsoft GCC High operations. KQL detection engineering; Sentinel content management at scale. IaC/automation (Bicep/Terraform), Graph API automation, or Git-based runbook versioning. Familiarity with PSA/RMM platforms and license operations (e.g., Microsoft NCE) for clean handoffs. Certifications: any of SC-200/300/400, AZ-500, AZ-104, MS-102; CMMC-aligned training (e.g., CCP) or security certs (Security+, CISSP). Additional Information
Compensation & benefits
Competitive executive compensation (base + performance bonus + stock options after first year). Comprehensive benefits (medical, retirement, PTO, professional development). Mission-driven work that directly strengthens the national security supply chain.
Agile IT is a Microsoft-focused consulting and managed services provider. We help customers modernize and secure Microsoft 365, Azure, Azure Government, and Microsoft GCC High, with a mission to make CMMC Level 2 practical and sustainable through repeatable architectures, evidence automation, and managed operations.
What you'll work across (our services) Professional Services - Enablement (fixed-price projects) Managed Services - Security & CMMC Compliance for Microsoft cloud and on-premises systems Microsoft GCC High Licensing (secure onboarding & lifecycle operations) Complementary Partner Services (co-delivered with strategic partners) Job Description
You'll operate customer environments to CMMC Level 2 expectations, automate repetitive tasks, and continuously improve security and compliance outcomes. You're hands-on with Microsoft Defender, Sentinel, Entra ID, Intune, and Purview, and you love turning tickets into automations (Azure Logic Apps, RMM policies/scripts, or n8n workflows). You'll maintain SLAs/OLAs, reduce MTTR, and capture evidence for audits-without creating toil.
Responsibilities
Operate & secure Microsoft estates
Monitor, triage, and resolve incidents across Defender (Endpoint/Identity/Office/Cloud) and Microsoft Sentinel; tune analytics rules, KQL queries, and playbooks. Manage Entra ID (PIM, Conditional Access, MFA), Intune (compliance, baselines, hardening), and Purview (labels/DLP/insider risk). Maintain secure configurations for Azure (policy, RBAC, Key Vault, logging, networking) and common on-premises integrations (AD, file services, VPN, firewalls). CMMC L2 & compliance operations
Map operational work to NIST 800-171 practices; capture evidence automatically where possible (logs, reports, tickets). Contribute to control runbooks, SOPs, and customer artifacts (e.g., SSP/POA&M inputs in partnership with GRC resources). Support GCC High tenants and Azure Government as needed (we'll train where you need to ramp). Automation & reliability engineering
Build Azure Logic Apps/Power Automate playbooks, RMM scripts/policies, and n8n flows to eliminate manual steps (onboarding, patching, alert enrichment, evidence collection, remediation). Use PowerShell (and, when appropriate, Graph API, KQL, Bicep/Terraform) to codify repeatable operations. Measure results (time saved, error reduction, SLA impact) and iterate. Customer experience & service management
Work tickets to SLA; document root cause and preventive actions. Participate in on-call rotation for priority incidents (reasonable frequency). Contribute to QBRs with concise ops/health summaries and recommendations. Qualifications
Required qualifications
4+ years in an MSP or enterprise operations role supporting Microsoft 365/Azure security. Hands-on with Defender, Sentinel, Entra ID, Intune, and Purview (configure, monitor, remediate, and document). Automation experience in at least one of: Azure Logic Apps / Power Automate, RMM (policies, packaging, scripting), or n8n (or similar API integrators). PowerShell proficiency; able to read/write scripts for ops at scale. Solid ticket hygiene and service-management discipline (incident/problem/change). Strong written documentation (runbooks/SOPs) and clear customer communication. Education: College degree preferred, not required. Nice to have
Practical understanding of CMMC Level 2 (or NIST 800-171) and how to operate controls day-to-day (not just policy). Experience with Azure Government and Microsoft GCC High operations. KQL detection engineering; Sentinel content management at scale. IaC/automation (Bicep/Terraform), Graph API automation, or Git-based runbook versioning. Familiarity with PSA/RMM platforms and license operations (e.g., Microsoft NCE) for clean handoffs. Certifications: any of SC-200/300/400, AZ-500, AZ-104, MS-102; CMMC-aligned training (e.g., CCP) or security certs (Security+, CISSP). Additional Information
Compensation & benefits
Competitive executive compensation (base + performance bonus + stock options after first year). Comprehensive benefits (medical, retirement, PTO, professional development). Mission-driven work that directly strengthens the national security supply chain.