System Security Engineer

BAE Systems Strategic Aerospace Services WLL | Full time We are seeking a highly skilled

System Security Engineer

to strengthen our cybersecurity posture across on-premise and hybrid environments. The ideal candidate will have a strong background in Windows infrastructure security, identity and access management, scripting, and compliance frameworks. This role is critical to ensuring the protection, integrity, and resilience of our IT systems, while supporting secure business operations and digital transformation initiatives.

Key Responsibilities :

Design, implement, and manage security solutions across Active Directory, ADFS, and Exchange (on-premise and hybrid).

Harden and secure endpoints, infrastructure, and communications systems against evolving cyber threats.

Automate security tasks and perform system audits using PowerShell and other scripting tools.

Manage patching processes using WSUS, SCCM, or third-party tools.

Integrate security logs and data into SIEM platforms and support threat detection / response initiatives.

Collaborate with IT and business units to enforce identity and access management policies including MFA and Zero Trust architectures.

Support compliance efforts aligned with ISO 27001, NIST, and CIS Controls.

Assess and respond to security incidents using frameworks like MITRE ATT&CK.

Continuously evaluate and improve system and application security controls.

Requirements

Qualifications : Required :

Bachelor’s degree in Information Security, Computer Engineering, or related field.

One or more of the following certifications : - Microsoft Certified : Security Operations AnalystAssociate (MS-SC200) - Microsoft Certified : Identity and AccessAdministrator Associate (SC-300) - Microsoft Certified Cybersecurity ArchitectExpert Preferred :

Master’s degree in Information Security or Computer Engineering

Additional certifications such as : - Systems Security Certified Practitioner (SSCP) - CompTIA Cybersecurity Analyst (CySA+) - Certified Information Systems SecurityProfessional (CISSP) Experience & Knowledge Requirements :

5+ years of experience in Windows infrastructuresecurity (Active Directory, Exchange, endpoint hardening)

In-depth knowledge of :

• Active Directory (LDAP, Kerberos, Group Policy,ADFS)
• Exchange security (transport rules,SPF / DMARC / DKIM, hybrid configurations)

StrongPowerShell scripting capabilities for security automation and audits

Proficient inZero Trust architecture and multi-factor authentication practices

Understandingof compliance frameworks : ISO 27001, NIST, CIS Controls

Experienceintegrating with on-premise SIEM solutions

Familiaritywith MITRE ATT&CK and advanced threat detection techniques

Solidbackground in systems, networks, and / or application security

SkillsRequirements : Security architecture and systemhardening

Scripting and automation (PowerShell)

Identity and access management (IAM)

Compliance and regulatory knowledge

Problem-solving and incident response

Strong communication and documentationskills

#J-18808-Ljbffr