
Security Engineer - Microsoft 365 Security Administration
Truveta provides unprecedented real-world data and real-time intelligence, powered by a dataset built with and owned by US health systems united in a mission of Saving Lives with Data. Together, we power breakthrough medical discoveries, accelerate regulatory-grade evidence, and improve patient care. Today, Truveta enables research on more than 130 million de-identified patients across the US.
Achieving Truveta’s ambitious mission requires an incredible team of talented and inspired people with a special combination of health, software and big data experience who share our company values.
Role Overview
We are looking for a Security Engineer for Microsoft 365 Security Administration to lead the security, governance, and protection of Microsoft 365 security and collaboration platforms, including Exchange Online, Microsoft Teams, OneDrive for Business, and Microsoft 365 Copilot. This role focuses on securing identities, protecting sensitive data, strengthening threat detection and response capabilities, and ensuring compliance with security best practices. You will work closely with IT and other security teams to improve security posture and drive the adoption of Microsoft security solutions.
Responsibilities
Microsoft 365 Security Administration
- Administer, configure, and maintain Microsoft 365 security and collaboration platforms, including Exchange Online, Microsoft Teams, OneDrive for Business, and Microsoft 365 Copilot
- Manage and enforce security policies across Microsoft 365 services, including email protection, collaboration controls, data sharing, retention, and compliance settings
- Configure and maintain Microsoft Defender for Office 365, Exchange Online Protection (EOP), Safe Links, Safe Attachments, anti-phishing, and anti-spam policies
- Monitor Microsoft 365 environments for suspicious activity, unauthorized access, risky behavior, and security posture gaps
- Administer secure collaboration and external sharing controls for Microsoft Teams and OneDrive for Business
- Support secure deployment, governance, and operational oversight of Microsoft 365 Copilot, including data access controls, compliance considerations, and AI security best practices
- Review and remediate Microsoft Secure Score recommendations and continuously improve Microsoft 365 security posture
- Maintain tenant configuration standards, governance documentation, operational procedures, and security baselines
- Ensure Microsoft 365 services comply with organizational security, privacy, retention, and regulatory requirements
Incident Response & Security Operations
- Investigate and respond to Microsoft 365-related security incidents, including phishing, account compromise, malicious email activity, unauthorized sharing, and insider threats
- Act as an escalation point for complex Microsoft 365 security and administration issues
- Participate in incident response activities related to Exchange Online, Teams, OneDrive, Entra ID, and Microsoft Defender
- Support audit, compliance, eDiscovery, and forensic investigations within Microsoft 365 environments
- Maintain detailed documentation of incidents, remediation activities, and operational changes
- Contribute to security awareness initiatives and help educate users on secure collaboration and Microsoft 365 best practices
Security Monitoring & Automation
- Monitor Microsoft 365 security alerts, audit logs, and Defender incidents to identify and respond to threats in a timely manner
- Develop and maintain reporting, dashboards, and alerting for Microsoft 365 security and operational visibility
- Automate routine administrative and security tasks using PowerShell, Microsoft Graph API, and native Microsoft 365 automation capabilities
- Support integration of Microsoft 365 logs and alerts into SIEM/SOAR platforms such as Microsoft Sentinel
- Assist with development and tuning of alerting, policies, and workflows to reduce operational overhead and improve detection accuracy
Governance, Compliance & Collaboration
- Partner with infrastructure, identity, compliance, and security teams to implement and maintain secure Microsoft 365 solutions
- Support Data Loss Prevention (DLP), retention policies, sensitivity labels, and information protection initiatives across Microsoft 365 workloads
- Assist with license management, service optimization, and adoption of Microsoft 365 security and compliance capabilities
- Participate in Microsoft 365 governance reviews, audits, risk assessments, and remediation activities
- Contribute to operational process improvements, documentation, and platform standardization efforts
Continuous Learning
- Stay current on Microsoft 365 platform updates, security capabilities, emerging threats, and Microsoft security roadmap changes
- Maintain awareness of evolving AI governance and security considerations related to Microsoft 365 Copilot and generative AI technologies
Key Qualifications
- The knowledge, skills, and abilities typically acquired through the completion of a Bachelor’s degree in Information Technology, Cyber Security, Computer Science, Information Systems, or a related field, or equivalent practical experience.
- 4-6+ years of experience administering and securing Microsoft 365 environments in enterprise organizations.
- Hands-on experience with Exchange Online, Microsoft Teams, OneDrive for Business, Microsoft Entra ID, and Microsoft 365 administration.
- Experience implementing and managing Microsoft Defender for Office 365, Exchange Online Protection (EOP), and Microsoft 365 security and compliance features.
- Strong understanding of Microsoft 365 identity and access management, including Conditional Access, MFA, RBAC, and Zero Trust principles.
- Experience supporting Microsoft 365 security operations, including phishing investigations, account compromise response, and audit log analysis.
- Proficiency with PowerShell scripting and automation for Microsoft 365 administration and reporting.
- Experience with Microsoft Purview compliance capabilities, including DLP, retention policies, sensitivity labels, and eDiscovery.
- Familiarity with Microsoft 365 Copilot administration, governance, security considerations, and AI-related compliance best practices.
- Experience integrating Microsoft 365 security telemetry with SIEM/SOAR platforms such as Microsoft Sentinel is preferred.
- Strong understanding of email security, collaboration security, data protection, and cloud security best practices.
- Ability to troubleshoot complex Microsoft 365 platform, security, and identity issues across multiple services.
- Strong written and verbal communication skills, with the ability to communicate effectively with both technical and non-technical stakeholders.
- Experience developing operational documentation, standards, and administrative procedures.
- Relevant certifications such as Microsoft 365 Certified: Administrator Expert, Microsoft Security Administrator Associate (MS-500), Messaging Administrator Associate, SC-300, SC-400, AZ-104, or similar certifications are preferred.
Why Truveta?
Be a part of building something special. Now is the perfect time to join Truveta. We have strong, established leadership with decades of success. We are well-funded. We are building a culture that prioritizes people and their passions across personal, professional, and everything in between. Join us as we build an amazing company together.
Truveta is committed to creating a diverse, inclusive, and empowering workplace. We believe that having employees, interns, and contractors with diverse backgrounds enables Truveta to better meet our mission and serve patients and health communities around the world. We recognize that opportunities in technology historically excluded and continue to disproportionately exclude Black and Indigenous people, people of color, people from working class backgrounds, people with disabilities, and LGBTQIA+ people. We strongly encourage individuals with these identities to apply even if you don’t meet all of the requirements.