EUTEC Chamber
We are seeking a
Senior IT Security Expert
to own, design, and continuously improve the organization’s
IT security posture
across
infrastructure, network, identity, endpoints, and Microsoft platforms . This role exists to: Protect the organization against cyber threats Eliminate security gaps caused by poor design or misconfiguration Ensure security is
embedded by design , not added as an afterthought The IT Security Expert acts as the
technical authority for security , working closely with Architecture, Server, Microsoft, and Network experts. This is
not
a SOC analyst or compliance-only role. This role requires
deep technical security expertise Scope of Ownership The IT Security Expert owns security design and enforcement across: Network & Perimeter Security (Sophos Firewalls) Identity & Access Security (AD, Entra ID) Endpoint Security (Windows, Intune) Server & Infrastructure Security Microsoft 365 Security Vulnerability & Incident Management Quarterly IT Security Attack and Defense Simulations Key Responsibilities: Security Architecture & Secure-by-Design Define and maintain
security architecture principles Embed security requirements into: Network and firewall designs Cloud and hybrid architectures Review and approve designs from a
security perspective Work closely with the
Architecture Expert
to ensure alignment Network & Firewall Security (Sophos Focus) Act as security authority for
Sophos Firewall environments Design and govern: Firewall zone models Define standards for: Firewall rule design and lifecycle VPN security (site-to-site and remote access) Ensure secure connectivity between: Multiple office locations Identity & Access Security Own security controls for: Active Directory Design and enforce: MFA and Conditional Access Privileged access models Least-privilege principles Secure Joiner / Mover / Leaver processes Monitor and reduce identity-based attack surface Define and enforce endpoint security standards for: Windows 10 / 11 Work closely with the
Microsoft Expert
on: Intune security baselines Compliance policies Device compliance policies Reduce endpoint attack vectors and misconfigurations Server, Infrastructure & Platform Security Define security hardening standards for: Windows Server Hyper-V hosts and clusters Ensure secure configuration of: Patch management Privileged access Work with the
Senior Server, Linux & Datacenter Expert
on secure implementation Microsoft 365 Security & Compliance Implement and optimize: Microsoft Secure Score improvements Support: Data protection controls (DLP, sensitivity labels where applicable) Advise on secure usage of: Exchange Online SharePoint Online Teams Vulnerability & Incident Management Own vulnerability management process: Vulnerability scanning Lead response for: Security incidents Security breaches Conduct: Root-cause analysis Post-incident improvements Security Policies, Documentation & Governance Define and maintain: Security policies and standards Secure configuration baselines Clear Practical Enforced Support audits and compliance requirements Security Awareness & Advisory Role Act as
Level 3 / Expert escalation
for all security issues Advise management and IT leadership on: Security risks Threat landscape Support security awareness initiatives (technical scope) Quarterly IT Security Attack and Defense Simulation (Mandatory Responsibility) Plan, execute, and lead
Quarterly IT Security Attack and Defense Simulations Phishing and identity compromise Lateral movement Validate effectiveness of: Identity security (MFA, Conditional Access) Endpoint protection (Microsoft Defender) Network segmentation and firewall rules (Sophos) Incident detection and response processes Coordinate simulations with: IT Security team Infrastructure, Microsoft, and Network experts Document: Findings Gaps Define and track
remediation actions
after each simulation Report results and improvement roadmap to IT leadership Required Languages 8+ years
in IT security or infrastructure security roles Strong background in: Network and firewall security Identity and access security Endpoint and server security Proven experience securing enterprise environments Mandatory Technical Expertise Network & Firewall Security Network segmentation and VPN security Identity & Access Active Directory security Conditional Access and MFA Windows endpoint security Hyper-V security concepts Microsoft Security Secure Score optimization Soft Skills Strong analytical and risk-based mindset Ability to challenge insecure designs constructively Clear communication with technical and non-technical stakeholders High ownership and accountability Calm and structured approach during incidents Certification Requirements Mandatory (At Least One) Microsoft Certified: Security Operations Analyst Associate OR Microsoft Certified: Identity and Access Administrator Associate Strongly Preferred SC-100: Microsoft Cybersecurity Architect Expert Sophos Firewall Engineer / Architect Certification CISSP or CISM Nice to Have (Expert Signal) GIAC Security Operations (GCED / GCIA) Success Criteria Measurable improvement in security posture Quarterly simulations executed and documented Reduced security incidents and vulnerabilities Clear, enforced security standards across IT
#J-18808-Ljbffr
Senior IT Security Expert
to own, design, and continuously improve the organization’s
IT security posture
across
infrastructure, network, identity, endpoints, and Microsoft platforms . This role exists to: Protect the organization against cyber threats Eliminate security gaps caused by poor design or misconfiguration Ensure security is
embedded by design , not added as an afterthought The IT Security Expert acts as the
technical authority for security , working closely with Architecture, Server, Microsoft, and Network experts. This is
not
a SOC analyst or compliance-only role. This role requires
deep technical security expertise Scope of Ownership The IT Security Expert owns security design and enforcement across: Network & Perimeter Security (Sophos Firewalls) Identity & Access Security (AD, Entra ID) Endpoint Security (Windows, Intune) Server & Infrastructure Security Microsoft 365 Security Vulnerability & Incident Management Quarterly IT Security Attack and Defense Simulations Key Responsibilities: Security Architecture & Secure-by-Design Define and maintain
security architecture principles Embed security requirements into: Network and firewall designs Cloud and hybrid architectures Review and approve designs from a
security perspective Work closely with the
Architecture Expert
to ensure alignment Network & Firewall Security (Sophos Focus) Act as security authority for
Sophos Firewall environments Design and govern: Firewall zone models Define standards for: Firewall rule design and lifecycle VPN security (site-to-site and remote access) Ensure secure connectivity between: Multiple office locations Identity & Access Security Own security controls for: Active Directory Design and enforce: MFA and Conditional Access Privileged access models Least-privilege principles Secure Joiner / Mover / Leaver processes Monitor and reduce identity-based attack surface Define and enforce endpoint security standards for: Windows 10 / 11 Work closely with the
Microsoft Expert
on: Intune security baselines Compliance policies Device compliance policies Reduce endpoint attack vectors and misconfigurations Server, Infrastructure & Platform Security Define security hardening standards for: Windows Server Hyper-V hosts and clusters Ensure secure configuration of: Patch management Privileged access Work with the
Senior Server, Linux & Datacenter Expert
on secure implementation Microsoft 365 Security & Compliance Implement and optimize: Microsoft Secure Score improvements Support: Data protection controls (DLP, sensitivity labels where applicable) Advise on secure usage of: Exchange Online SharePoint Online Teams Vulnerability & Incident Management Own vulnerability management process: Vulnerability scanning Lead response for: Security incidents Security breaches Conduct: Root-cause analysis Post-incident improvements Security Policies, Documentation & Governance Define and maintain: Security policies and standards Secure configuration baselines Clear Practical Enforced Support audits and compliance requirements Security Awareness & Advisory Role Act as
Level 3 / Expert escalation
for all security issues Advise management and IT leadership on: Security risks Threat landscape Support security awareness initiatives (technical scope) Quarterly IT Security Attack and Defense Simulation (Mandatory Responsibility) Plan, execute, and lead
Quarterly IT Security Attack and Defense Simulations Phishing and identity compromise Lateral movement Validate effectiveness of: Identity security (MFA, Conditional Access) Endpoint protection (Microsoft Defender) Network segmentation and firewall rules (Sophos) Incident detection and response processes Coordinate simulations with: IT Security team Infrastructure, Microsoft, and Network experts Document: Findings Gaps Define and track
remediation actions
after each simulation Report results and improvement roadmap to IT leadership Required Languages 8+ years
in IT security or infrastructure security roles Strong background in: Network and firewall security Identity and access security Endpoint and server security Proven experience securing enterprise environments Mandatory Technical Expertise Network & Firewall Security Network segmentation and VPN security Identity & Access Active Directory security Conditional Access and MFA Windows endpoint security Hyper-V security concepts Microsoft Security Secure Score optimization Soft Skills Strong analytical and risk-based mindset Ability to challenge insecure designs constructively Clear communication with technical and non-technical stakeholders High ownership and accountability Calm and structured approach during incidents Certification Requirements Mandatory (At Least One) Microsoft Certified: Security Operations Analyst Associate OR Microsoft Certified: Identity and Access Administrator Associate Strongly Preferred SC-100: Microsoft Cybersecurity Architect Expert Sophos Firewall Engineer / Architect Certification CISSP or CISM Nice to Have (Expert Signal) GIAC Security Operations (GCED / GCIA) Success Criteria Measurable improvement in security posture Quarterly simulations executed and documented Reduced security incidents and vulnerabilities Clear, enforced security standards across IT
#J-18808-Ljbffr