Job matched to your search
L3 IT Security Engineer_M365
BigData Technology Solutions · Dubai
Free · Join 5,000+ job seekers using Qarera
How well do you match this role?
Tap the skills you already have — then see your real match score, what’s missing, and your resume fixed for this job.
Job description
L3 IT Security Engineer _M365
Location: Dubai
Job Overview
We are seeking an experienced L3 M365 Security Engineer to serve as our top-tier technical Implementation and escalation point for all cloud security issues. In this role, you will diagnose and resolve complex, systemic infrastructure failures, respond to advanced persistent threats, and continuously optimize security policies across the Microsoft 365 environment. You will bridge the gap between day-to-day operations and high-level cloud architecture.
Key Responsibilities
- Advanced Incident Escalation: Act as the final escalation point for L1/L2 teams, resolving deep technical issues within Microsoft Entra ID, conditional access routing, and complex authentication flows.
- Threat Hunting & Forensics: Lead deep-dive forensic investigations using Advanced Hunting KQL (Kusto Query Language) queries in Microsoft Defender XDR to hunt for hidden threats and lateral movement.
- Complex Policy Troubleshooting: Resolve broken Data Loss Prevention (DLP) rules, misconfigured information protection labels, and synchronization failures within Microsoft Purview.
- Automation & Scripting: Develop, test, and deploy Microsoft Graph API scripts and advanced PowerShell modules to automate incident remediation and policy enforcement.
- Architecture & Change Management: Review proposed changes from cloud architects, assess their impact on operations, and execute high-risk production updates with minimal business disruption.
- Incident Response: Investigate security alerts, perform root cause analysis, and execute remediation actions in coordination with the wider IT/Security Operations Center (SOC) team
- Device & Endpoint Management: Configure and enforce security policies on mobile and desktop devices via Microsoft Intune
- Auditing & Governance: Conduct regular security assessments, maintain compliance with regulatory standards (e.g., ISO 27001, GDPR), and review audit logs
- Mentorship & Knowledge Transfer: Conduct regular technical training sessions for L1/L2 engineering staff and author definitive Standard Operating Procedures (SOPs).
Qualifications & Requirements
- Experience: 5+ years of dedicated enterprise IT support experience, with at least 3 years explicitly operating as a Tier 3 engineer in an M365 environment.
- KQL Mastery: Proven hands-on capability writing complex Kusto Query Language queries to investigate security event logs.
- Advanced Infrastructure Knowledge: Deep understanding of hybrid identity management (Entra Connect), modern authentication protocols (SAML, OAuth, OIDC), and routing concepts.
Certifications
- Microsoft Certified: Cybersecurity Architect Expert (SC100) or Microsoft Certified: Security Operations Analyst Associate (SC-200).
- Soft Skills: Exceptional logical reasoning, crisis management skills during active security incidents, and clear communication under high-pressure scenarios.
Application Question(s):
- What is your notice period to join?
- What is your expected salary in AED?
- How many years of work experience do you have in operating as a Tier 3 engineer in an M365 environment?
- Do you have hands-on experience working with Kusto Query Language?
- Are you certified in Cybersecurity Architect Expert (SC-100) or Security Operations Analyst Associate (SC-200)?
- Do you have valid certification in Cisco-CCNP?
- Are you with hands-on experience - Ivanti Patch Management, Microsoft Intune, Microsoft Defender, and DLP tools?
- Are you certified with Microsoft Security Administrator or CompTIA Security+?
Work Location: In person
More jobs in Dubai
Browse related jobs
Don’t just read the job — see if you’ll get it.
Get your match score, a resume tailored to this exact role, and jobs like it — free.
Check my fit for this job