Job Description

Description :


Role : Identity Administrator


Required Technical Skill Set :

- Bachelor's degree in Cyber Security, IT, Computer Science, or equivalent experience.

- 5 to 8+ years in security engineering/operations with hands-on experience in M365 Defender email security and AD security (Varonis).


Must-Have :

- Must have hands-on experience with the above-mentioned tools.

- B.E/B.Tech/MCA with 5-8 years of relevant experience.

- Microsoft Defender Email Security Certified.

- CEH & ITIL Foundation


Good-to-Have : Good communication skills.


Responsibility of / Expectations from the Role :


Email Threat Monitoring & Response :

- Monitor email security gateways and dashboards for suspicious activities

- Analyse and respond to :


1. Phishing emails

2. Email Encryption

3. Spam and spoofing attacks

4. Malware/ransomware attachments

5. Business Email Compromise (BEC)

- Perform initial triage and investigation of email security alerts

- Quarantine, block, or remove malicious emails from user mailboxes

- Escalate critical incidents to L2/L3 or SOC teams


Email Security Administration :

- Configure and manage email security tools such as:

1. Microsoft Defender for Office 365

2. Proofpoint / Mimecast / Trend Micro (as applicable)

- Manage email policies, rules, and threat filters

- Support Safe Links, Safe Attachments, and anti-phishing policies

- Review false positives and fine-tune detection rules


Identity & Domain Protection :

- Support implementation and monitoring of :

1. SPF, DKIM, and DMARC

- Detect and respond to email spoofing and domain impersonation

- Assist in securing privileged email accounts


Data Security & Governance (Varonis) :

- Platform Monitoring & Health Management

- Data Source Onboarding & Configuration

- Alert Monitoring & Triage

- Alert & Policy Optimization

- Data Classification & Governance

- Permissions & Access Governance

- Reporting & Posture Management

- Integration & Automation Support


- Daily/weekly operational checklists and reports.

- Alert monitoring and escalation documentation.

- Sensitive data exposure and permissions review reports.

- Monthly posture review decks.

- Updated SOPs and runbooks.

- Support documentation for newly purchased modules.

- Track & all MDDR escalations and ensure closure.

