Join Sri Lanka’s Great Place to Work Awarded organization, Tech One Lanka!
We are an organization that celebrates the diversity of our teams, where everyone can be themselves and is empowered to do their best work. Our purpose is to build an empowered community with empathy and a growth mindset to build innovative solutions to achieve remarkable results. We foster a safe space for everyone to learn, grow, and have fun. This is why our people can’t believe that their work here is actually a job. That’s because innovation is at the heart of everything we do. Every day, our people get to imagine new possibilities, take magnificent risks, fail spectacularly, and succeed in spaces no one has dared to venture into before.
Here at Tech One, you’ll have the opportunity to make an impact by contributing to our global projects and working with diverse, talented individuals across our offices. We promote an always-learning culture and provide our people with vast growth opportunities. Got any suggestions to make Tech One an even better place to work? We have a team that listens; share your thoughts and contribute to the changes. Got the skills and right qualities to be part of our awesome team? Competitive remuneration awaits you!
The role in a nutshell:
Tech One Global Lanka Pvt Ltd. is seeking a Cybersecurity Engineer to join our Microsoft Cybersecurity delivery practice as a hands-on implementation specialist. This is a delivery-focused role responsible for configuring, deploying, and operationalizing Microsoft security solutions across customer projects to deliver outcomes that are secure, well-documented, and ready for handover. You will work across Microsoft Sentinel, Defender XDR, Entra ID, and baseline Azure and M365 security configurations under the guidance of senior security architects and project managers, building technical depth across the Microsoft security stack as you grow.
What you will do in this role:
- Security Solution Implementation: Execute end-to-end technical delivery of Microsoft security projects, translating solution designs and scope documents into working, production-grade configurations. Own assigned implementation tasks, track progress against project plans, and proactively escalate blockers to relevant stakeholders to keep delivery on schedule.
- Microsoft Sentinel Deployment: Deploy and configure Microsoft Sentinel workspaces, including Log Analytics workspace setup, data connector onboarding across Microsoft and third-party sources, analytics rule configuration, KQL query development, watchlist creation, workbook setup, and SOAR playbook implementation using Logic Apps. Perform post-deployment validation to confirm data ingestion, alert triggering, and automation are functioning as designed.
- Defender XDR Onboarding & Configuration: Onboard and configure Defender for Endpoint (MDE) across Windows, macOS, and Linux platforms, including attack surface reduction (ASR) rule configuration, onboarding policy setup via Intune or Group Policy, and initial alert tuning. Configure Defender for Office 365 (MDO) anti-phishing, safe links, and safe attachments policies, and support Defender for Identity (MDI) sensor deployment and basic alert configuration.
- Entra ID & Identity Security Configuration: Implement Entra ID security configurations in line with solution design, including Conditional Access policy deployment, MFA rollout, SSPR setup, Privileged Identity Management (PIM) configuration, Identity Protection risk policy setup, and SSO/federation with third-party applications. Support hybrid identity configuration via Entra Connect, and troubleshoot synchronization issues arising during delivery.
- Baseline Security Posture Configuration: Apply Microsoft security baseline configurations across every engagement, including Defender for Cloud (MDC) enablement, Secure Score remediation actions, Azure Policy compliance baseline, RBAC design, Security Copilot, Key Vault setup, and network security baseline (NSG, Azure Firewall where in scope). Ensure delivered environments meet a defined security baseline before project handover and escalate requirements beyond baseline scope.
- Configuration Testing & Validation: Perform functional testing and validation of deployed security solutions to confirm they meet design intent and customer acceptance criteria. Identify and resolve configuration issues, integration failures, and policy conflicts during the delivery phase, escalating with clear diagnostic notes where senior involvement is required.
- Documentation, Handover & Knowledge Transfer: Produce accurate as-built documentation, configuration runbooks, and operational guides for every project. Deliver structured knowledge transfer to customer technical teams at project close, ensuring they can manage deployed solutions independently. Ensure clean handover to the support practice with documented environment details, known issues, and escalation contacts.
- Practice Contribution & Continuous Learning: Contribute implementation learnings, reusable configuration templates, and delivery notes back to the Security practice to improve consistency across future projects. Proactively maintain technical readiness through self-directed learning, certification pursuit, and awareness of Microsoft Security product updates that affect active or upcoming deliveries.
Required Qualifications
- Bachelor’s degree in Cybersecurity or a related field
- 2–3 years of hands-on technical experience in a security engineering, IT implementation, or technical support role within a Microsoft partner or enterprise security environment
- Working knowledge and practical delivery experience across the following:
  - Microsoft Sentinel: workspace deployment, data connector configuration, basic analytics rule and KQL query setup, and SOAR playbook implementation
  - Defender for Endpoint (MDE): device onboarding across Windows/macOS/Linux, ASR rule configuration, and basic alert tuning
  - Defender for Office 365 (MDO): anti-phishing, safe links, and safe attachments policy configuration
  - Defender for Identity (MDI): sensor deployment and basic alert configuration
  - Microsoft Entra ID: Conditional Access, MFA, SSPR, PIM, SSO/federation, and Entra Connect hybrid identity sync
  - Baseline Azure & M365 Security: Defender for Cloud enablement, Secure Score remediation, RBAC, Azure Policy baseline, and NSG configuration
  - On-Premises: Active Directory, Windows Server, Group Policy, and basic network security tools sufficient to support hybrid deployment and migration scenarios
- Ability to work from solution architecture documents and produce accurate as-built documentation
- Solid troubleshooting skills with the ability to independently diagnose and resolve configuration issues, policy conflicts, and integration errors within assigned workloads
- Clear written and verbal communication skills with the ability to engage customer technical teams professionally throughout the delivery and support lifecycle
Preferred Qualifications
- Microsoft certifications: SC-900 (baseline expectation); SC-200, SC-300, or AZ-500 in progress or recently completed
- Basic PowerShell and KQL proficiency for deployment automation, configuration tasks, and post-deployment validation
- Familiarity with Microsoft security licensing constructs, M365 E3/E5 Security, Defender add-ons, and Sentinel workspace basics, sufficient to understand what is in scope for a given customer deployment
- Working knowledge of security frameworks such as NIST CSF, CIS Controls, or ISO 27001 at a foundational level
Key Competencies
- Delivery Focus: Takes ownership of assigned implementation tasks and drives them to completion with minimal supervision, escalating blockers early rather than letting them stall
- Technical Curiosity: Actively builds knowledge across the Microsoft security stack beyond immediate task requirements, recognizing that breadth matters as much as depth at this stage of career
- Attention to Detail: Produces configurations, test validations, and documentation that are accurate, complete, and consistent with the design intent
- Escalation Quality: Escalates with clear, well-documented diagnostic findings, enabling senior architects to continue without re-investigating from scratch
- Customer Professionalism: Engages customer technical contacts confidently and professionally throughout the delivery lifecycle
- Continuous Learning: Proactively pursues Microsoft security certifications and tracks product updates relevant to active and upcoming delivery engagements
How to get in touch with us:
Address: Tech One Global Lanka (Pvt) Ltd, No:185/4, Havelock Road, Colombo 05
- Email your CV to hr@techoneglobal.com along with the contact details of two non-related referees



