Key Responsibilities:
Monitor, investigate, and respond to security alerts across Microsoft Sentinel and the Defender suite.
Build, tune, and maintain analytic rules, automation playbooks, and incident response workflows in Sentinel.
Use KQL to perform advanced log analysis, threat hunting, and data correlation.
Manage and optimize Defender for Cloud recommendations, secure score, and cloud posture improvements.
Support incident response activities across Microsoft security tools.
Strengthen identity, endpoint, and cloud security controls using Microsoft-native capabilities.
Required Skills:
5+ years of experience.
Strong experience with Microsoft Sentinel (KQL, rule creation, automation, incident handling).
Hands-on experience with Microsoft Defender products (Endpoint, Identity, Office 365).
Experience with Defender for Cloud (CSPM, workload protection, secure score).
Solid understanding of cloud security concepts, identity security, and threat detection.
Ability to analyze logs, investigate threats, and respond to incidents using Microsoft-native tools.
Pluses:
Own the end-to-end engineering, configuration, and operational health of Microsoft Purview DLP and other DLP platforms across endpoint, network, and cloud channels.
Design, deploy, and maintain DLP policies that protect sensitive data including payment card information, employee PII, financial records, and proprietary business data.
Continuously monitor, tune, and optimize DLP policies to maximize detection accuracy while aggressively reducing false positives.
