Upson Regional Medical Center · 11 hours ago
Sr. M365 Security & Infrastructure Engineer
Upson Regional Medical Center is a small hospital with a BIG heart! They are seeking a Senior M365 Security & Infrastructure Engineer to serve as the technical lead for the hospital's secure digital workspace in the Microsoft M365 Cloud, focusing on security, compliance, and device lifecycle management.
Health Care · Information Technology
Responsibilities
Cloud DLP (Microsoft Purview and Safetica): Engineer policies to prevent PII/PHI exfiltration across cloud-native channels (Teams, Exchange Online, SharePoint, OneDrive)
Endpoint DLP & Insider Risk (Safetica): Administer Safetica for granular endpoint control. Configure Safetica Zones to strictly define "Safe" vs. "Untrusted" destinations and enforce device control policies (USB/FireWire/Bluetooth)
Information Governance: Implement Purview Sensitivity Labels to classify and encrypt documents at the file level, ensuring protection travels with the data
Behavioral Protection: Utilize Safetica’s Contextual Defense to tailor user restrictions based on behavior patterns rather than static rules, coaching users via real-time alerts
Shadow IT & Audit: Use Safetica’s App & Web Audit to uncover unauthorized software usage, while leveraging Purview’s eDiscovery tools for legal holds and litigation support
Windows Architecture: Manage the deployment and lifecycle of Windows Enterprise editions, utilizing the Long-Term Servicing Channel (LTSC) where necessary
Zero-Touch Provisioning: Engineer and maintain Windows Autopilot profiles for seamless, out-of-the-box device provisioning
Device Compliance: Configure strict compliance policies and configuration profiles within Microsoft Intune for all mobile (iOS/Android) and desktop assets
Virtualization: Administer Windows 365 Enterprise (Cloud PCs) and Azure Virtual Desktop (AVD) for secure remote access
Patching: Oversee Windows Autopatch and update rings for rapid vulnerability remediation
EDR Management: Deploy and manage SentinelOne agents. Tune policies for active remediation, rollback capabilities, and behavioral AI threat detection
SIEM Architecture: Architect the LevelBlue (AlienVault) implementation. Aggregate logs from M365, Safetica, SentinelOne, and firewalls for centralized correlation
Threat Response: Configure intelligence feeds between SentinelOne and LevelBlue to automate incident response workflows
Vulnerability Scanning: Utilize LevelBlue’s asset discovery tools to regularly audit the environment
Zero Trust Architecture: Architect granular Conditional Access policies (e.g., blocking non-compliant devices, requiring MFA for risky logins)
Privileged Access: Enforce Just-In-Time (JIT) access via Privileged Identity Management (PIM)
Authentication: Roll out phish-resistant authentication methods (FIDO2 keys, certificate-based auth)
Qualification
Required
Education: Associate degree in Computer Science, Information Technology, Cybersecurity, or a related field
Experience: 3+ years of experience in systems and cybersecurity administration, with at least 2 years focused on M365 and endpoint security
Technical Stack: Proven experience with Microsoft Purview (Compliance), Safetica (DLP), SentinelOne (EDR), and LevelBlue / AlienVault (SIEM)
Preferred
Certifications: Microsoft 365 Certified: Enterprise Administrator Expert (MS-102)
Certifications: Microsoft Certified: Information Protection Administrator Associate (SC-400) (Highly Preferred)
Certifications: SentinelOne: S1 Analyst or Incident Responder Certification
Education: Bachelor's degree in a technical field, preferably Computer Science or Information Systems
Company
Upson Regional Medical Center
URMC is a place where patients come first, and where they find the very best in healthcare professionals, facilities and technology.