
Microsoft Defender/Sentinel Security Engineer

Posted on: 11/11/2025

Job Description

Description:

We are seeking an expert-level Microsoft Defender & Sentinel Security Engineer to join our advanced security team in Sofia, Bulgaria.

This role demands 5 - 10 years of experience specializing in the Microsoft security suite, focusing on deployment, management, and optimization of Microsoft Defender products and Microsoft Sentinel.

You will be responsible for engineering and integrating cutting-edge SIEM/SOAR solutions and developing advanced threat detection content.

Key Responsibilities & Technical Deliverables:

1. Microsoft Defender Suite Mastery:

- Deployment & Management: Lead the expert deployment, configuration, and management of the Microsoft Defender suite, specifically covering Defender for Endpoint (MDE), Defender for Identity (MDI), and Defender for Servers (via Azure Arc/MDC).
- Policy Optimization: Design and refine security policies, hardening standards, and remediation actions within the Defender platforms to maximize enterprise protection and compliance.

Microsoft Sentinel & Threat Engineering:

- SIEM/SOAR Configuration: Architect and configure Microsoft Sentinel as the centralized SIEM (Security Information and Event Management) platform for hybrid threat detection, integrating data sources across cloud (Azure/AWS/GCP) and on-premises environments.
- Content Development (KQL): Develop, optimize, and maintain complex KQL (Kusto Query Language) queries, advanced dashboards, and customized workbooks for actionable security monitoring, threat hunting, and reporting.
- Automation (SOAR): Design and implement SOAR (Security Orchestration, Automation and Response) workflows and playbooks within Sentinel/Azure Logic Apps to automate incident triage, response, and remediation processes.

Integration & Compliance:

- Workflow Integration: Integrate Sentinel with existing infrastructure and security tools (e.g., ticketing systems, vulnerability scanners) to achieve seamless security operations center (SOC) workflows.
- Compliance: Ensure all deployed security controls and monitoring systems meet required regulatory and organizational compliance standards.

Required Skills & Certifications:

- Core Experience: 5 - 10 years of experience in security engineering with deep specialization in the Microsoft security stack.
- Technical Proficiency: Proven expertise in KQL, Sentinel, and the full Microsoft Defender product portfolio.
- Integration: Demonstrated experience integrating and managing complex SIEM/SOAR environments.
- Certifications (Preferred):
  - Microsoft Certified: Security Operations Analyst Associate (SC-200)
  - Microsoft Certified: Azure Security Engineer Associate (AZ-500)

