Built on service. Powered by people.
Impact exists because a small group of industry leaders believed companies in our space were doing it wrong. Many prioritized margins while the people doing the work and the clients relying on it became an afterthought. Impact was built differently: invest in great people, trust them to do great work, and deliver the kind of service clients remember. That approach helped us grow from a small office technology company into a national managed services provider, while remaining privately owned and people-first.
What makes Impact special is that growth has never come at the expense of the values that got us here. We continue to reinvest in our people, our capabilities, and the opportunities ahead so employees can grow alongside the business. We’ve built something special, but we’re far from finished. The people who join Impact now will help define what comes next.
Job Overview
Impact is seeking a Systems Security Engineer to own the governance of systems and data across our environment for security purposes. This role centers on the Microsoft security and compliance ecosystem, including Microsoft Purview, Microsoft Entra ID, and Microsoft Defender, to discover, classify, protect, and govern Impact’s most critical information and systems across a hybrid environment. This is a hands-on engineering role for a subject-matter expert who can translate security, regulatory, and contractual requirements into enforceable technical controls and measure success through incidents avoided, audits passed, and risk reduced.
Responsibilities
- Design, implement, and manage a comprehensive governance strategy across Impact’s environment using Microsoft Purview governance and compliance tools.
- Develop and enforce governance policies to discover, classify, and protect sensitive data and systems across Microsoft 365, Azure, on-premises infrastructure, and SaaS applications.
- Manage sensitivity labels, retention labels, records management, and disposition review to support the full information lifecycle.
- Create, tune, and monitor Data Loss Prevention policies across endpoints, email, Microsoft Teams, SharePoint, OneDrive, and cloud applications.
- Govern identity and access using Microsoft Entra ID, aligning policies to Zero Trust architecture and least-privilege principles.
- Serve as a subject-matter expert for data- and system-related security incidents using Microsoft Purview and Microsoft Defender for investigation, forensics, and response.
- Participate in the security team’s on-call rotation and respond to critical incidents outside of regular business hours when needed.
- Configure Microsoft Purview Audit, audit-log retention, export pipelines, Azure Monitor, Log Analytics, KQL workbooks, and alert rules to monitor compliance and policy drift.
- Translate regulatory and contractual requirements, including CMMC, NIST 800-171, ISO 27001, HIPAA, GDPR, and CCPA, into technical policies and controls in partnership with compliance, legal, and business stakeholders.
- Manage Microsoft Compliance Manager assessments and improvement-action plans, and provide regular reporting on compliance, risk posture, and policy enforcement to leadership.
- Maintain technical documentation, architecture standards, and operational runbooks for governance and security controls.
- Coach and mentor IT and security team members on governance, data protection, and Microsoft security best practices.
Qualifications & Experience
- Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent work experience.
- Minimum of 5 years of experience in information security, including at least 3 years focused on data protection, data governance, or information lifecycle management.
- Deep hands-on experience with the Microsoft Purview suite, including DLP, Microsoft Information Protection, data classification, Insider Risk Management, eDiscovery, Audit, and Compliance Manager.
- Strong experience with Microsoft Entra ID and the Microsoft Azure ecosystem, including securing data within Azure services such as Azure Storage and Azure SQL.
- Proficiency with scripting languages, particularly PowerShell, for automating security and compliance tasks.
- Strong understanding of data privacy regulations and compliance frameworks, including NIST 800-171, CMMC, ISO 27001, HIPAA, GDPR, and CCPA.
- Excellent analytical, problem-solving, communication, and collaboration skills, including the ability to explain complex technical concepts to technical and non-technical audiences.
- Microsoft SC-400 certification strongly preferred; AZ-500, SC-200, SC-300, MS-102, CISSP, CCSP, or CCSK are a plus.
- Experience with Microsoft Defender for Microsoft 365, Zero Trust security architecture, Microsoft Purview Data Security Posture Management, AI/Copilot data governance, or MSP/multi-tenant environments preferred.
What Drives Impact
Our purpose is people. We empower them to innovate, grow, and succeed. That's how we change the world – one person, one company, one community at a time.
Behaviors define what our values look like in action. Leaders are expected to model them; teams are expected to live them:
- Innovation: We embrace change because innovation lives outside the comfort zone.
- Passion: We are driven by purpose, fueled by passion, and obsessed with making an impact.
- Honesty: We are fiercely transparent and consistently honest.
- Fun: We fuel work with fun, knowing life's too short for boring.
- Low Ego: We champion ideas over titles, because brilliance knows no rank.
- One Team: We win as a team, we lose as a team, we are one team.
Compensation
The typical base salary range for this role is $90,000 to $110,000. Actual compensation packages are based on several factors that are unique to each candidate, including but not limited to skillset, experience and training, licensures and/or certifications, and other organizational needs.
Impact may offer applicable incentive compensation plans depending on role and/or department.
Full compensation details can be discussed with an Impact Talent Acquisition team member at the start of the interview process.
Benefits We Take Pride In- 5-year Tiffany & Co. Gift Card, 10-year Custom Rolex, 20-year $20,000 Check incentive rewards
- Valuable time off with up to 20 days of PTO, 7 Paid Sick Days, 12+ paid holidays, and Paid Parental Leave
- Development and growth opportunities with on-going training & continued education reimbursement
- 401(K) & retirement plans with complimentary financial advisory services
- Comprehensive health, disability, life, dental, and vision plans
For more information, visit
https://www.impactmybiz.com/careers/#benefits Work Authorization & Immigration Sponsorship
Candidates must be authorized to work in the United States at the time of application. Immigration sponsorship may be considered in select cases based on business need, cost, workforce planning, and applicable government requirements. Impact does not guarantee sponsorship for any visa category and may decline certain petitions based on associated costs or regulatory requirements.
Certain positions within Impact may involve access to information, technology, software, or technical data that is subject to U.S. export control laws and regulations, including the International Traffic in Arms Regulations (ITAR) and the Export Administration Regulations (EAR). Where required by applicable law based on the nature of the role, individuals in such positions must qualify as a “U.S. Person,” as defined by law, or otherwise be eligible to obtain any required government authorizations.