IT Security Engineer

About UsRedCompass Labs enables good payments and helps stop the bad. We are experts in ISO20022-based payments, instant payments, cross-border payments, payments interoperability and financial crime. We use the latest Applied AI, micro-services technology and deep payment knowledge to deliver payment transformation projects. These solutions help our clients accelerate their payments modernization programs, reducing costs and regulatory risk.The RedFlag Accelerator sets the industry standard for detecting financial crimes. Using a persona-oriented approach, it identifies the actors behind transactions—victims, money-laundering professionals, perpetrators, and more. By combining the very latest red flags, crime models, and OSINT data, our system detects crimes spanning labor and sex trafficking, elder abuse, drug trafficking, as well as scams and potential APP fraud within financial transactions. Our comprehensive offerings include algorithms, analytics, and training tools for bank’s systems and team.With offices in London, Warsaw, Antwerp, Tokyo, Miami, Toronto, and Pune, we support clients worldwide.Role DescriptionWe are seeking a Security and Compliance–focused IT Engineer to join our IT team. This role will be primarily responsible for strengthening and maintaining the organization’s security posture and compliance controls across Microsoft and cloud environments. The ideal candidate will have hands-on experience with Microsoft 365, Azure, Intune, and security tools, alongside strong technical foundations in endpoint management and identity administration. This position requires both strategic thinking and technical execution — ensuring the confidentiality, integrity, and availability of systems while enabling efficient, secure IT operations.Key Responsibilities Security & Compliance (Core Focus): Lead the implementation, monitoring, and continuous improvement of Microsoft security and compliance frameworks across the enterprise environment. Administer Microsoft Intune compliance policies to enforce device encryption, health checks, and endpoint protection standards. Manage Microsoft Purview for data governance, data loss prevention (DLP), sensitivity labels, and eDiscovery. Administer and optimize Microsoft Defender for Endpoint and Defender for Cloud, ensuring proactive threat detection, vulnerability remediation, and policy compliance. Regularly review and adjust Microsoft Entra ID (Azure AD) Conditional Access policies, MFA configurations, and access control rules to align with internal and regulatory requirements (e.g., ISO 27001, GDPR). Conduct compliance audits and produce reports using Microsoft Compliance Manager and Secure Score, driving improvement initiatives across teams. Manage and maintain role-based access control (RBAC) and Privileged Identity Management (PIM) in Entra ID to minimize privilege escalation risks. Collaborate with the Head of IT and Head of Information Security to investigate, document, and remediate security incidents or non-compliance findings. Support external and internal audits by providing configuration documentation, access records, and system evidence. Evaluate and monitor the cybersecurity posture of vendors and partners. Ensure contractual and operational controls are in place. Cloud & Identity Administration: Administer Microsoft Azure and Microsoft 365 environments, managing user identities, permissions, and security baselines. Oversee Exchange Online, SharePoint, and Teams administration, ensuring secure collaboration and data access controls. Manage integration between Azure, Intune, ensuring consistent compliance enforcement. Endpoint Management & Infrastructure: Manage endpoint configuration, compliance, and policy enforcement through Microsoft Intune and JAMF Pro. Support patch management, system hardening, and endpoint encryption to maintain a secure infrastructure. Provide Tier 2/3 support for security-related escalations and compliance configuration issues. Network & Security Tools: Configure and maintain Zscaler or equivalent secure web gateway solutions. Ensure integration of network security tools with Microsoft security ecosystem for unified policy enforcement. Projects & Documentation: Lead or support IT security and compliance projects from design to implementation. Maintain detailed documentation of configurations, security baselines, and operational procedures. Contribute to the internal security knowledge base and ensure team alignment on compliance standards. User Support and Service Desk: Promptly address service desk tickets for user issues raised in domestic location when other IT Support regions are not on line Provide tier 2/3 support for escalated technical issues, raised by users in domestic location, across platforms Assist with onboarding/offboarding processes in domestic location Required Skills & Experience Must-Have Technical Expertise: Proven experience with Microsoft Intune, including compliance, configuration, and policy management. Strong hands-on knowledge of Microsoft Defender, Purview, Azure AD / Entra ID, and Conditional Access. Experience improving and reporting on Microsoft Secure Score and Compliance Manager. Familiarity with ISO 27001, SOC 2, GDPR, or similar compliance frameworks. Scripting proficiency (PowerShell, Bash) for automation and security administration. Knowledge of identity and access management, cloud security, and endpoint protection principles. Fundamental IT Skills: Strong understanding of Windows and macOS environments. Networking fundamentals (DNS, DHCP, VPN, firewalls). Familiarity with ITIL-based service management practices. Soft Skills: Excellent analytical, troubleshooting, and problem-solving abilities. Strong communication skills with the ability to explain security concepts clearly. High attention to detail and commitment to maintaining compliance. Collaborative and proactive approach to improving organizational security. Preferred Qualifications Certifications such as: Microsoft Certified: Security Operations Analyst, Information Protection Administrator, or Azure Administrator Associate. Zscaler Certified Engineer or Jamf 300. Experience managing Microsoft compliance and governance in regulated industries. Familiarity with Defender for Identity, Sentinel, or other SIEM/SOAR tools. Prior experience contributing to security audit readiness or risk management programs. Employment with RedCompass Labs includes the following competitive benefits packageUp to 10% of annual salary performance bonusMedical insurance for you and your family22 days annual holiday plus Public & Bank holidays plus one day of Company Holiday day to be chosen from 4 dates5 days of full-paid Sick LeaveTraining budget