Job Summary
Experience:
5.00 - 10.00 Years
Industrial Type:
IT-Hardware & Networking
Location:
Mumbai
Functional Area:
IT Software - Client Server
Designation:
Senior Microsoft Engineer
Key Skills:
Purview AND Intune AND (Entra ID OR EntraID OR Entra-ID OR AAD OR Azure Active OR AzureAD OR Azure AD)
Educational Level:
Graduate/Bachelors
Job Post Date:
2026-06-02 17:48:16
Stream of Study:
Degree:
BCA, BE-Comp/IT, BE-Other, BSc-Comp/IT, BSc-Other, BTech-Comp/IT, BTech-Other, MCA, ME-Comp/IT, ME-Other, MSc-Comp/IT, MSc-Other, MTech-Comp/IT, MTech-Other
Company Description
Our Client is built on an AI-first, technology-agnostic approach to cybersecurity - engineered to outpace evolving threats, maximize ROI from existing investments, and strengthen enterprise-wide secu rity posture. Our Client help organizations tackle complex cybersecurity challenges with intelligence-led, outcome-focused services - delivered by experts with deep real-world experience to drive tangible business outcomes.
Job Description
Job Title: Senior Microsoft Engineer
Location: Thane, Mumbai
Type: Full-Time
Department: IT Services and Security
It is Work from Office & 24X7 Rotational Shift
Key Responsibilities
1. Microsoft Intune, Endpoint Security & Device Governance
• Design, deploy, and manage Microsoft Intune for endpoint management, device compliance, application protection, and security policy enforcement.
• Configure and maintain device enrollment profiles, compliance policies, configuration profiles, security baselines, and endpoint protection policies.
• Implement Mobile Device Management and Mobile Application Management controls for corporate and BYOD environments.
• Manage Windows, macOS, iOS, and Android device policies using Intune.
• Design and administer Intune RBAC, including role assignments, scope tags, administrative boundaries, and delegated access models.
• Implement endpoint security controls, including disk encryption, firewall policies, attack surface reduction rules, endpoint privilege controls, and Defender integration.
• Support conditional access enforcement based on device compliance, risk posture, and user identity.
2. Microsoft Purview, Compliance & Data Governance
• Design, configure, and manage Microsoft Purview solutions for data security, compliance, and governance.
• Implement and manage Data Loss Prevention policies, including Exchange, SharePoint, OneDrive, Teams, Endpoint DLP, and cloud app integrations.
• Configure and manage Sensitivity Labels, retention labels, retention policies, information protection, and data classification policies.
• Support data discovery, classification, labeling, and protection initiatives across Microsoft 365 and Azure environments.
3. Microsoft Entra ID, Identity Security & Zero Trust
• Design and manage Microsoft Entra ID identity architecture, including users, groups, roles, applications, enterprise apps, and service principals.
• Implement and optimize Conditional Access policies, MFA, Identity Protection, Privileged Identity Management, and access reviews.
• Support hybrid identity integration using Entra Connect / Azure AD Connect.
• Design and implement least-privilege access models using Entra ID roles, administrative units, privileged access groups, and RBAC principles.
• Manage identity governance controls such as entitlement management, access packages, lifecycle workflows, and periodic access reviews.
• Support Zero Trust architecture by enforcing identity-driven access, device trust, application control, and risk-based authentication.
• Investigate identity-related alerts, suspicious sign-ins, risky users, risky workloads, and privilege escalation events.
4. Azure Cloud Security & Platform Administration
• Support secure design, deployment, and administration of Azure cloud environments.
• Configure and manage Azure resources, subscriptions, management groups, resource groups, policies, and role-based access controls.
• Implement Azure RBAC, Azure Policy, management group governance, tagging standards, and cloud access control models.
• Assist in securing Azure workloads, including virtual machines, storage accounts, key vaults, networking, app services, and databases.
• Implement governance and monitoring controls across Azure subscriptions to improve visibility, compliance, and operational control.
• Work with security teams to review cloud misconfigurations, excessive permissions, exposed resources, and policy violations.
Required Experience
• 4+ years of hands-on experience in enterprise IT, Microsoft cloud, security or infrastructure engineering roles.
• Strong hands-on experience with Microsoft Purview, including DLP, sensitivity labels, retention policies, data classification, and compliance features.
• Strong hands-on experience with Microsoft Intune, including endpoint management, device compliance, security baselines, app protection, and RBAC.
• Strong knowledge of Microsoft Entra ID, including Conditional Access, MFA, PIM, Identity Protection, access reviews, and hybrid identity.
• Good understanding of Zero Trust security principles, least privilege access, endpoint governance, and identity-based security.
• Experience working with enterprise clients in implementation, migration, governance, or security improvement projects.
Must-Have Requirements
• Hands-on experience implementing and managing Microsoft Purview DLP policies, including Endpoint DLP.
• Hands-on experience with Microsoft Intune RBAC, including role assignments, scope tags, device compliance, and app/device policy enforcement.
• Strong knowledge of Microsoft Entra ID Conditional Access, MFA, PIM, and Identity Protection.
• Practical experience with Azure RBAC, Azure Policy, Defender for Cloud, and Azure monitoring tools.
• Strong documentation, troubleshooting, and client-facing communication skills.
