On-Site
Full-Time
Pune, Maharashtra
India
About the Role
We're looking for a Principal Systems Engineer This role is Office Based, Mumbai Office
We are seeking a highly skilled Principal Microsoft 365 Security & Compliance Engineer with deep expertise in implementing, managing, and optimizing security controls across our Microsoft ecosystem. The ideal candidate will have extensive hands-on experience with Microsoft Purview, Defender for Endpoint, Azure Active Directory (Entra) Identity Protection, Intune security configurations, and Jamf Pro security management. This role requires demonstrated proficiency in security policy implementation, compliance frameworks, data loss prevention (DLP), and advanced PowerShell scripting for security automation. The successful candidate will drive our security strategy and implement robust compliance protocols across our diverse technology landscape with a focus on protecting sensitive data and maintaining regulatory compliance.
In this role, you will…
Security & Compliance Management
Design, implement, and maintain comprehensive Data Loss Prevention (DLP) policies across Microsoft 365, including
Exchange Online, SharePoint Online, OneDrive, and Teams
Lead the implementation of Microsoft Purview Information Protection for data classification, labeling, and protection across the organization
Develop and enforce Conditional Access and Zero Trust security policies to secure access to corporate resources
Ensure compliance with regulatory requirements including HIPAA, FedRAMP, SOC II, GDPR, and CCPA
Create and maintain security baselines and hardening policies for Windows and macOS endpoints per NIST 800-171 requirements
Conduct regular security assessments and compliance audits of Microsoft 365 environments
Lead the implementation of SDLC practices for secure systems implementation and integration
Endpoint Security Management
Implement and maintain advanced security configurations in Jamf Pro for macOS fleet, including security policies,
restrictions, and compliance reporting
Configure and manage Microsoft Defender for Endpoint across all platforms, including threat and vulnerability
management, attack surface reduction, and response actions
Design and implement secure Mobile Application Management (MAM) policies to protect corporate data on mobile devices
Create and enforce endpoint encryption policies for all managed devices
Implement secure configurations for USB device control and external media protection
Develop and maintain endpoint security reporting and compliance dashboards
Identity & Access Security
Implement and manage Azure AD Identity Protection to identify, investigate, and remediate identity-based risks
Configure and maintain Multi-Factor Authentication (MFA) and Passwordless Authentication strategies
Design and implement Privileged Access Management solutions for administrative accounts
Create and maintain secure access policies for all corporate applications and resources
Implement and maintain security for SharePoint advanced permissions management
Ensure proper separation of duties and least privilege access principles across all systems
Security Integration & Automation
Develop Advanced PowerShell scripts to automate security monitoring, reporting, and remediation
Create integrations using Microsoft Graph API for security data correlation and analysis
Implement security log collection and analysis across Microsoft 365 services
Design and implement security integrations between Microsoft security tools and third-party solutions
Automate security compliance reporting and vulnerability remediation workflows
Integrate enterprise search solutions like Glean with DLP infrastructure to ensure search results comply with security policies
Security Operations
Monitor and respond to security incidents and alerts from Microsoft 365 Defender suite
Provide expert-level troubleshooting for security-related issues across the Microsoft ecosystem
Develop and maintain security incident response procedures
Collaborate with IT operations teams to ensure security best practices are followed
Provide security guidance and consultation for new technology implementations
Create and deliver security awareness training for end users
You’ve Got What It Takes If You Have…
7+ years of experience implementing and managing security solutions within Microsoft 365 environments
Deep expertise with Microsoft Purview compliance solutions and Data Loss Prevention (DLP) implementation
Extensive experience with Microsoft Defender for Endpoint and advanced threat protection
Advanced knowledge of Azure Active Directory security features, including Conditional Access and Identity Protection
Strong experience with Jamf Pro security management for enterprise macOS environments
Experience implementing and managing Intune security policies for Windows and mobile devices
Thorough understanding of compliance frameworks including HIPAA, FedRAMP, SOC II, and GDPR
Advanced proficiency in PowerShell scripting for security automation and compliance reporting
Experience with Microsoft Graph API for security management and reporting
Bachelor's degree in cybersecurity, information systems, or related field (or equivalent experience)
Extra dose of awesome if you have...
CompTIA Security+ certification
Certified Information Systems Security Professional (CISSP) certification
Microsoft 365 Certified: Security Administrator Associate or Microsoft 365 Certified: Enterprise Administrator Expert
Experience implementing Zero Trust security architectures
Familiarity with cloud SIEM solutions such as Microsoft Sentinel
Experience with security automation and orchestration
Strong verbal and written communication skills with ability to translate technical security concepts to non-technical stakeholders
This position is critical for maintaining our security posture and compliance status across our Microsoft environment and requires a candidate who can balance robust security controls with business operational needs.
Our Culture
Spark Greatness. Shatter Boundaries. Share Success. Are you ready? Because here, right now – is where the future of work is happening. Where curious disruptors and change innovators like you are helping communities and customers enable everyone – anywhere – to learn, grow and advance. To be better tomorrow than they are today.
Who We Are
Cornerstone powers the potential of organizations and their people to thrive in a changing world. Cornerstone Galaxy, the complete AI-powered workforce agility platform, meets organizations where they are. With Galaxy, organizations can identify skills gaps and development opportunities, retain and engage top talent, and provide multimodal learning experiences to meet the diverse needs of the modern workforce. More than 7,000 organizations and 100 million+ users in 180+ countries and in nearly 50 languages use Cornerstone Galaxy to build high-performing, future-ready organizations and people today.
Check us out on LinkedIn , Comparably , Glassdoor , and Facebook !
We are seeking a highly skilled Principal Microsoft 365 Security & Compliance Engineer with deep expertise in implementing, managing, and optimizing security controls across our Microsoft ecosystem. The ideal candidate will have extensive hands-on experience with Microsoft Purview, Defender for Endpoint, Azure Active Directory (Entra) Identity Protection, Intune security configurations, and Jamf Pro security management. This role requires demonstrated proficiency in security policy implementation, compliance frameworks, data loss prevention (DLP), and advanced PowerShell scripting for security automation. The successful candidate will drive our security strategy and implement robust compliance protocols across our diverse technology landscape with a focus on protecting sensitive data and maintaining regulatory compliance.
In this role, you will…
Security & Compliance Management
Design, implement, and maintain comprehensive Data Loss Prevention (DLP) policies across Microsoft 365, including
Exchange Online, SharePoint Online, OneDrive, and Teams
Lead the implementation of Microsoft Purview Information Protection for data classification, labeling, and protection across the organization
Develop and enforce Conditional Access and Zero Trust security policies to secure access to corporate resources
Ensure compliance with regulatory requirements including HIPAA, FedRAMP, SOC II, GDPR, and CCPA
Create and maintain security baselines and hardening policies for Windows and macOS endpoints per NIST 800-171 requirements
Conduct regular security assessments and compliance audits of Microsoft 365 environments
Lead the implementation of SDLC practices for secure systems implementation and integration
Endpoint Security Management
Implement and maintain advanced security configurations in Jamf Pro for macOS fleet, including security policies,
restrictions, and compliance reporting
Configure and manage Microsoft Defender for Endpoint across all platforms, including threat and vulnerability
management, attack surface reduction, and response actions
Design and implement secure Mobile Application Management (MAM) policies to protect corporate data on mobile devices
Create and enforce endpoint encryption policies for all managed devices
Implement secure configurations for USB device control and external media protection
Develop and maintain endpoint security reporting and compliance dashboards
Identity & Access Security
Implement and manage Azure AD Identity Protection to identify, investigate, and remediate identity-based risks
Configure and maintain Multi-Factor Authentication (MFA) and Passwordless Authentication strategies
Design and implement Privileged Access Management solutions for administrative accounts
Create and maintain secure access policies for all corporate applications and resources
Implement and maintain security for SharePoint advanced permissions management
Ensure proper separation of duties and least privilege access principles across all systems
Security Integration & Automation
Develop Advanced PowerShell scripts to automate security monitoring, reporting, and remediation
Create integrations using Microsoft Graph API for security data correlation and analysis
Implement security log collection and analysis across Microsoft 365 services
Design and implement security integrations between Microsoft security tools and third-party solutions
Automate security compliance reporting and vulnerability remediation workflows
Integrate enterprise search solutions like Glean with DLP infrastructure to ensure search results comply with security policies
Security Operations
Monitor and respond to security incidents and alerts from Microsoft 365 Defender suite
Provide expert-level troubleshooting for security-related issues across the Microsoft ecosystem
Develop and maintain security incident response procedures
Collaborate with IT operations teams to ensure security best practices are followed
Provide security guidance and consultation for new technology implementations
Create and deliver security awareness training for end users
You’ve Got What It Takes If You Have…
7+ years of experience implementing and managing security solutions within Microsoft 365 environments
Deep expertise with Microsoft Purview compliance solutions and Data Loss Prevention (DLP) implementation
Extensive experience with Microsoft Defender for Endpoint and advanced threat protection
Advanced knowledge of Azure Active Directory security features, including Conditional Access and Identity Protection
Strong experience with Jamf Pro security management for enterprise macOS environments
Experience implementing and managing Intune security policies for Windows and mobile devices
Thorough understanding of compliance frameworks including HIPAA, FedRAMP, SOC II, and GDPR
Advanced proficiency in PowerShell scripting for security automation and compliance reporting
Experience with Microsoft Graph API for security management and reporting
Bachelor's degree in cybersecurity, information systems, or related field (or equivalent experience)
Extra dose of awesome if you have...
CompTIA Security+ certification
Certified Information Systems Security Professional (CISSP) certification
Microsoft 365 Certified: Security Administrator Associate or Microsoft 365 Certified: Enterprise Administrator Expert
Experience implementing Zero Trust security architectures
Familiarity with cloud SIEM solutions such as Microsoft Sentinel
Experience with security automation and orchestration
Strong verbal and written communication skills with ability to translate technical security concepts to non-technical stakeholders
This position is critical for maintaining our security posture and compliance status across our Microsoft environment and requires a candidate who can balance robust security controls with business operational needs.
Our Culture
Spark Greatness. Shatter Boundaries. Share Success. Are you ready? Because here, right now – is where the future of work is happening. Where curious disruptors and change innovators like you are helping communities and customers enable everyone – anywhere – to learn, grow and advance. To be better tomorrow than they are today.
Who We Are
Cornerstone powers the potential of organizations and their people to thrive in a changing world. Cornerstone Galaxy, the complete AI-powered workforce agility platform, meets organizations where they are. With Galaxy, organizations can identify skills gaps and development opportunities, retain and engage top talent, and provide multimodal learning experiences to meet the diverse needs of the modern workforce. More than 7,000 organizations and 100 million+ users in 180+ countries and in nearly 50 languages use Cornerstone Galaxy to build high-performing, future-ready organizations and people today.
Check us out on LinkedIn , Comparably , Glassdoor , and Facebook !