Key Responsibilities:
1. Advanced Security Operations:
• Perform continuous monitoring of the organization’s Microsoft Defender security suite to detect and respond to threats.
• Conduct threat hunting to identify and mitigate hidden risks and persistent threats.
• Manage security alerts and incidents, coordinating containment, eradication, and recovery efforts.
• Analyze security logs, telemetry, and events to uncover anomalies and vulnerabilities.
2. Incident Response:
• Lead the end-to-end incident response process, including detection, investigation, and resolution.
• Develop and refine playbooks for handling specific threat scenarios.
• Collaborate with IT teams to implement mitigation measures and prevent recurrence.
3. Threat Intelligence & Vulnerability Management:
• Gather and analyze threat intelligence to stay ahead of emerging threats.
• Perform regular vulnerability scans and recommend security patches and updates to maintain a hardened environment.
• Leverage Microsoft Defender Vulnerability Management (MDVM) to prioritize and remediate vulnerabilities.
4. Security Hardening & Data Loss Prevention (DLP):
• Implement and maintain security hardening practices across all IT systems and endpoints.
• Configure and optimize Microsoft DLP solutions to prevent unauthorized data sharing or exfiltration.
• Develop and enforce policies for safeguarding sensitive data within the organization.
5. Cloud Security & Microsoft Environment Management:
• Secure Microsoft Azure cloud infrastructure, including Azure AD, Azure Security Center, and Microsoft Sentinel.
• Ensure security for hybrid and on-premises environments integrated with Microsoft technologies.
• Manage identity protection, conditional access policies, and secure configurations within Microsoft platforms.
6. Documentation & Reporting:
• Maintain detailed documentation for incidents, threat hunting activities, and remediation efforts.
• Provide regular reports to stakeholders on key security metrics and operational performance.
• Collaborate with IT teams to align security measures with business requirements.
Key Skills & Qualifications:
• Bachelor’s degree in Information Technology, Cybersecurity, or a related field.
• Expert-level experience with Microsoft Defender for Endpoint, Microsoft Sentinel, and other Microsoft security tools.
• Hands-on experience in threat hunting, incident response, and vulnerability management.
• Strong knowledge of security hardening practices for operating systems, endpoints, and cloud workloads.
• In-depth understanding and implementation of Data Loss Prevention (DLP) solutions in Microsoft environments.
• Familiarity with cybersecurity frameworks and methodologies (e.g., MITRE ATT&CK).
• Strong awareness of the ISO 27001 framework, with the ability to implement and maintain relevant security controls.
• Excellent analytical and problem-solving skills.
Key Technologies & Tools:
• Microsoft Defender Suite (Defender for Endpoint, Defender for Identity, Defender for Office 365)
• Microsoft Sentinel (SIEM)
• Microsoft Azure Security Center
• Microsoft Intune and Azure AD Conditional Access
• Microsoft Data Loss Prevention (DLP) solutions
• Vulnerability management tools integrated with Microsoft Security