Role Purpose
We are seeking a Senior IT Security Expert to own, design, and continuously improve the organization’s IT security posture across infrastructure, network, identity, endpoints, and Microsoft platforms.
This role exists to:
Protect the organization against cyber threats
Eliminate security gaps caused by poor design or misconfiguration
Ensure security is embedded by design, not added as an afterthought
The IT Security Expert acts as the technical authority for security, working closely with Architecture, Server, Microsoft, and Network experts.
This is not a SOC analyst or compliance-only role; it requires deep, hands-on technical security expertise.
Scope of Ownership
The IT Security Expert owns security design and enforcement across:
- Network & Perimeter Security (Sophos Firewalls)
- Identity & Access Security (AD, Entra ID)
- Endpoint Security (Windows, Intune)
- Server & Infrastructure Security
- Microsoft 365 Security
- Vulnerability & Incident Management
- Quarterly IT Security Attack and Defense Simulations
Key Responsibilities:
- Security Architecture & Secure-by-Design
Define and maintain security architecture principles
Embed security requirements into:
- Infrastructure designs
- Network and firewall designs
- Cloud and hybrid architectures
Review and approve designs from a security perspective
Work closely with the Architecture Expert to ensure alignment
- Network & Firewall Security (Sophos Focus)
Act as security authority for Sophos Firewall environments
Design and govern:
- Perimeter security
- Internal network segmentation
- Firewall zone models
Define standards for:
- Firewall rule design and lifecycle
- VPN security (site-to-site and remote access)
Ensure secure connectivity between:
- Central datacenter (Germany)
- Multiple office locations
- Identity & Access Security
Own security controls for:
- Active Directory
- Microsoft Entra ID (Azure AD)
Design and enforce:
- MFA and Conditional Access
- Privileged access models
- Least-privilege principles
Secure Joiner / Mover / Leaver processes
Monitor and reduce identity-based attack surface
- Endpoint & Client Security
Define and enforce endpoint security standards for Windows endpoints managed through Intune
Work closely with the Microsoft Expert on:
- Intune security baselines
- Device compliance policies
Ensure protection using:
- Microsoft Defender for Endpoint
Reduce endpoint attack vectors and misconfigurations
- Server, Infrastructure & Platform Security
Define security hardening standards for:
- Windows Server
- Linux servers
- Hyper-V hosts and clusters
Ensure secure configuration of:
- Authentication
- Patch management
- Privileged access
Work with the Senior Server, Linux & Datacenter Expert on secure implementation
- Microsoft 365 Security & Compliance
Implement and optimize:
- Microsoft Defender for Office 365
- Microsoft Secure Score improvements
Support:
- Data protection controls (DLP, sensitivity labels where applicable)
Advise on secure usage of:
- Exchange Online
- SharePoint Online
- Teams
- Vulnerability & Incident Management
Own vulnerability management process:
- Vulnerability scanning
- Risk assessment
- Remediation prioritization
Lead response for:
- Security incidents
- Security breaches
Conduct:
- Root-cause analysis
- Post-incident improvements
- Security Policies, Documentation & Governance
Define and maintain:
- Security policies and standards
- Secure configuration baselines
- Incident response procedures
Ensure documentation is:
Support audits and compliance requirements
- Security Awareness & Advisory Role
Act as Level 3 / Expert escalation for all security issues
Advise management and IT leadership on:
- Security risks
- Threat landscape
- Mitigation strategies
Support security awareness initiatives (technical scope)
- Quarterly IT Security Attack and Defense Simulation (Mandatory Responsibility)
Plan, execute, and lead Quarterly IT Security Attack and Defense Simulations
Simulate realistic attack scenarios, including:
- Phishing and identity compromise
- Privilege escalation
- Lateral movement
- Endpoint compromise
- Misconfiguration exploitation
Validate effectiveness of:
- Identity security (MFA, Conditional Access)
- Endpoint protection (Microsoft Defender)
- Network segmentation and firewall rules (Sophos)
- Incident detection and response processes
Coordinate simulations with:
- IT Security team
- Infrastructure, Microsoft, and Network experts
Document:
- Findings
- Gaps
- Lessons learned
Define and track remediation actions after each simulation
Report results and improvement roadmap to IT leadership
Required Experience
8+ years in IT security or infrastructure security roles
Strong background in:
- Network and firewall security
- Identity and access security
- Endpoint and server security
Proven experience securing enterprise environments
Mandatory Technical Expertise
Network & Firewall Security
- Sophos Firewall
- Network segmentation and VPN security
Identity & Access
- Active Directory security
- Microsoft Entra ID security
- Conditional Access and MFA
Endpoint & Infrastructure
- Windows endpoint security
- Windows & Linux server hardening
- Hyper-V security concepts
Microsoft Security
- Microsoft Defender suite
- Secure Score optimization
Soft Skills
- Strong analytical and risk-based mindset
- Ability to challenge insecure designs constructively
- Clear communication with technical and non-technical stakeholders
- High ownership and accountability
- Calm and structured approach during incidents
Certification Requirements
Mandatory (At Least One)
- Microsoft Certified: Security Operations Analyst Associate
OR
- Microsoft Certified: Identity and Access Administrator Associate
Strongly Preferred
- Microsoft Certified: Cybersecurity Architect Expert (SC-100)
- Sophos Certified Engineer / Architect (Sophos Firewall)
- CISSP or CISM
Nice to Have (Expert Signal)
- Blue Team Level 1 / Level 2 (BTL1 / BTL2)
- MITRE ATT&CK Defender
- GIAC defensive certifications (e.g. GCED, GCIA)
Success Criteria
- Measurable improvement in security posture
- Quarterly simulations executed and documented
- Reduced security incidents and vulnerabilities
- Clear, enforced security standards across IT