Remote, Worldwide
Entry Level / Mid Level
Responsibilities
- Assist in preparing client-ready security reports and monthly posture reviews.
- Perform threat hunting exercises using Microsoft Defender XDR and Sentinel.
- Facilitate training for security operations teams on Microsoft tools.
- Collaborate with security operations teams to manage incidents.
- Create and improve threat detection strategies based on intelligence.
- Support onboarding of new managed clients onto the Microsoft security stack.
- Investigate endpoint, identity, and cloud alerts and document findings.
- Support Defender XDR configuration across various Microsoft services.
- Tune detection rules and analytics queries to reduce alert fatigue.
- Participate in incident response efforts with senior engineers.
- Identify repeatable tasks and propose automation solutions.
Requirements
- Hands-on experience in cybersecurity, IT, or a Microsoft cloud role.
- Familiarity with at least two Microsoft security tools.
- Understanding of core security concepts like SIEM and threat detection.
- Experience writing KQL queries or a motivation to learn.
- Understanding of cloud security concepts and Azure services.
- Ability to analyze and mitigate security threats and incidents.
- Strong problem-solving skills and ability to work under pressure.
- Excellent communication skills for collaboration with stakeholders.
- Current Microsoft SC-200 certification is strongly encouraged.
