Zero Trust & Purview Engineer
Location: US
Employment type: Full-Time
Time zone: EST
Position Overview:
REW’s Enhanced Designated Engineering (EDE) offering delivers proactive, deeply technical, and personalized cybersecurity engineering expertise. As a Cybersecurity Engineer specializing in Zero Trust, Microsoft Purview, and Microsoft Defender solutions, you will partner closely with enterprise customers to strengthen their security posture through proactive threat management, compliance optimization, and robust endpoint and data security.
You will act as a trusted advisor, helping customers implement comprehensive Zero Trust architectures, secure sensitive data, mitigate insider threats, and optimize endpoint security strategies. Your role includes influencing Microsoft’s security products by providing direct customer insights to engineering teams, continuously enhancing product capabilities and security standards. This position offers remote flexibility.
Responsibilities:
Proactive Security Engineering & Zero Trust Implementation:
Guide enterprise customers in designing and deploying Zero Trust architectures, emphasizing endpoint security (Microsoft Defender for Endpoint – MDE), identity protection, and secure access. Implement and optimize Microsoft Purview for data governance, compliance, insider risk management, data classification, and data loss prevention (DLP). Perform threat hunting, attack surface reduction, vulnerability assessments, and compliance risk analyses. Configure security policies, including endpoint detection and response (EDR), automated investigations, sensitivity labeling, encryption, and access controls.
Incident Prevention, Threat Management & Response:
Conduct proactive threat detection and anomaly analysis using Microsoft Defender XDR, Microsoft Sentinel (SIEM), and Purview Insider Risk Management. Lead forensic investigations, breach analyses, and insider threat assessments. Enhance incident response processes, security monitoring strategies, and automated compliance workflows to reduce risks and improve response times.
Customer Engagement & Technical Leadership:
Develop deep, trusted relationships with enterprise customers, providing tailored recommendations and proactive cybersecurity guidance. Lead technical workshops, training sessions, and briefings focused on Microsoft Purview, Microsoft Defender, and Zero Trust best practices. Collaborate closely with CISOs, security analysts, compliance officers, SOC teams, and IT administrators to align security strategies with organizational goals.
Collaboration with Microsoft & Continuous Improvement:
Work closely with Microsoft’s security engineering teams to contribute feedback influencing future product roadmaps and feature enhancements. Participate in early-access preview programs, product testing, and customer pilots. Develop and share cybersecurity best practices, case studies, and documentation internally and externally.
3+ years of experience in cybersecurity, threat detection, incident response, compliance, or endpoint security.
8+ years working with Microsoft technologies.
English proficiency: B2+ or higher. Strong problem-solving, analytical, and troubleshooting skills. Excellent communication skills, capable of clearly explaining complex security concepts to both technical and non-technical audiences.
Hands-on experience with Microsoft Purview and Microsoft Defender solutions (MDE, Defender for Identity, Defender for Cloud Apps, Defender for Office 365).
Deep understanding of Zero Trust principles (identity-driven security, network segmentation, least privilege access, continuous verification).
Proficiency in threat hunting, malware analysis, endpoint forensic investigations, data classification, and compliance management.
Knowledge of regulatory compliance frameworks (GDPR, HIPAA, ISO 27001, NIST 800-53, SOC 2).
Ability to collaborate effectively across cross-functional teams, including IT security, SOC, compliance, and legal departments.
Ability to learn fast.
Preferred Qualifications:
Microsoft Security Certifications (e.g., SC-400, SC-200, AZ-500).
Industry certifications (CISSP, CISM, CEH, GIAC, OSCP).
Experience with Microsoft Sentinel (SIEM), Defender for Cloud, and cloud-native security solutions.
Proficiency with PowerShell, Kusto Query Language (KQL), and security automation scripting.
Familiarity with EDR, network security, advanced threat analytics, and GRC platforms.
Experience with government, financial, or healthcare compliance requirements.