Microsoft 365; M365 Security & Endpoint Engineer Security Clearance

Position: Microsoft 365 (M365) Security & Endpoint Engineer with Security Clearance
Capgemini Government Solutions (CGS) is seeking a highly motivated Microsoft 365 Engineer with deep experience in cybersecurity, endpoint management, and cloud-native security solutions to join our team in supporting federal government clients in GCC High environments. This role emphasizes hands-on architecture and administration of Microsoft Sentinel, Microsoft Defender for Cloud, Microsoft Intune, Azure Virtual Desktop (AVD), and other M365 workloads within regulated and high-security environments.

Job Responsibilities
- General Responsibilities
- * Provide strategic input to identity and security architecture in Microsoft 365, Azure AD, and related services
* Collaborate with security, operations, and compliance teams to implement secure-by-design configurations
* Develop technical documentation, runbooks, and executive-level reporting for compliance audits and operational transparency
* Troubleshoot Tier 3 issues related to Sentinel rules, Intune policy conflicts, AVD connectivity, and security misconfigurations
* Serve as the SME for endpoint security, SIEM/SOAR platforms, and Zero Trust implementations within Microsoft ecosystems

Key Responsibilities
- Cloud Security & Monitoring
* Architect, configure, and manage Microsoft Sentinel for advanced threat detection, investigation, and response
* Integrate Sentinel with Microsoft Defender solutions and third-party data connectors to monitor hybrid cloud infrastructure
* Design and implement security best practices using Microsoft Defender for Cloud, focusing on CSPM, workload protection, and threat analytics
* Create custom KQL queries and workbooks for detection, automation, and incident response workflows Endpoint & Access Management
* Architect and manage Microsoft Intune for endpoint security, compliance, device lifecycle management, and mobile application management (MAM)
* Define conditional access policies integrated with Azure AD to support Zero Trust architecture
* Drive enrollment, configuration profiles, compliance baselines, and application deployment for Windows 10/11, iOS, and Android endpoints Azure Virtual Desktop (AVD)
* Plan, deploy, and manage scalable AVD environments in Azure Government Cloud, ensuring optimal user experience and policy enforcement
* Implement FSLogix profile management, MSIX app attach, and integration with Defender and Sentinel
* Monitor AVD performance and usage analytics for capacity planning and optimization GCC High & Compliance-Focused Workloads
* Work within Microsoft 365 GCC High environments, ensuring full compliance with DoD, FedRAMP High, and NIST 800-53 frameworks
* Secure M365 workloads with a strong focus on tenant hardening, conditional access, DLP, and insider risk policies

Required Qualifications
- * US Citizenship is required
* Eligible to obtain and maintain a DoD Security Clearance (Secret or Top Secret)
* BS/BA degree and 8 years of IT experience, or 10 years total without a degree
* Demonstrated experience in M365 GCC High, Azure Government Cloud, and DoD-compliant environments
* Expert knowledge of Microsoft Sentinel, Defender for Cloud, Intune, and Azure AD Conditional Access
* Working knowledge of AVD architecture, deployment, and management in regulated environments
* Proficiency in Power Shell scripting for automation, policy enforcement, and monitoring
* Experience designing solutions aligned with Zero Trust Architecture, NIST, and FedRAMP High standards
* Strong communication skills for technical and executive-level briefings and documentation

Preferred Qualifications
* Microsoft certifications such as SC-200, MS-500, AZ-104, MD-102, or AZ-140
* Experience integrating third-party SIEM, EDR, or MDM platforms with Microsoft solutions
* Hands-on experience with Log Analytics, KQL, Playbook automation (Logic Apps), and Graph API
* Familiarity with Microsoft Purview, DLP, and Insider Risk Management
* One or more of the following DoD 8570 Level II

Certifications:

Security+ CE, GSEC, SSCP, CCNA Security, or equivalent About Capgemini Capgemini is a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and…