Responsible for managing enterprise-level Microsoft security solutions, executing L3 security operations, and ensuring comprehensive protection across Microsoft Defender, Purview, and Cloud Security platforms.

Technical Knowledge & Expertise

• Deep understanding of Microsoft Security stack including:
• Microsoft Purview DLP solutions
• Microsoft Defender XDR/EDR
• Defender Cloud Apps
• Defender Vulnerability Assessment
• Global Secure Access & Zero Trust Architecture
• Multi-Factor Authentication systems
• Microsoft 365 Defender

·      Expert-level proficiency in:

• Advanced security incident investigation and resolution
• Complex DLP policy configuration and troubleshooting
• Advanced threat detection and response
• Zero Trust architecture implementation
• Security automation and orchestration
• Vulnerability management and remediation strategies
• Advanced log analysis and security monitoring
• Cloud security architecture design

Core Responsibilities

Security Operations Management

• Execute L3 incident response and advanced threat hunting
• Manage and optimize Microsoft Defender XDR/EDR configurations
• Configure and maintain Microsoft Purview DLP policies
• Implement Zero Trust Network Access (ZTNA) solutions
• Oversee vulnerability management and remediation
• Monitor and respond to advanced security threats
• Monitor and investigate security alerts across:
• Microsoft Defender XDR/EDR
• Microsoft Purview DLP
• Defender Cloud Apps
• Global Secure Access
• MFA and Identity Management
• Review authentication logs and suspicious activities
• Analyze policy violations and implement corrective actions
• Monitor phishing and quarantine email activities
• Conduct security compliance checks across all platforms
• Perform vulnerability assessments
• Update security policies and access controls
• Execute phishing simulations and training campaigns
• Review and optimize security scores

Required Qualifications

Technical Skills

• 7+ years of experience in cybersecurity operations
• Deep expertise in Microsoft security solutions
• Advanced incident response and threat hunting capabilities
• Strong knowledge of Zero Trust architecture
• Experience with security automation and orchestration

Required Certifications

• Microsoft Security Operations Analyst (SC-200)
• Microsoft Information Protection Administrator (SC-400)
• Azure Security Engineer Associate (AZ-500)
• Microsoft 365 Security Administrator (MS-500)

Key Competencies

• Advanced problem-solving and analytical skills
• Strong incident management capabilities
• Excellent documentation and communication skills
• Ability to work in high-pressure environments
• Strong team collaboration abilities

Performance Expectations

• Maintain SLA response times
• Achieve security compliance
• Reduce mean time to detect and respond to threats
• Maintain comprehensive security documentation
• Lead security improvement initiatives