We are looking for a skilled Microsoft Defender Engineer with hands-on experience in deploying, managing, and optimizing the Microsoft Defender security suite. The ideal candidate will be responsible for strengthening endpoint security, identity protection, cloud application security, and incident response across enterprise environments.
Key Responsibilities
Deploy, configure, and manage Microsoft Defender security solutions across enterprise environments.
Administer and maintain Microsoft Defender for Endpoint, Defender for Office 365, Defender for Identity, Defender for Cloud Apps, and Microsoft Defender XDR.
Monitor security alerts, investigate incidents, and perform threat hunting activities.
Analyze security events and respond to malware, ransomware, phishing, and advanced cyber threats.
Configure attack surface reduction (ASR) rules, endpoint detection and response (EDR), and antivirus policies.
Develop and fine-tune security policies, detection rules, and automated response workflows.
Integrate Microsoft Defender with Microsoft Sentinel and other SIEM/SOAR platforms.
Perform endpoint onboarding, policy deployment, and security compliance assessments.
Conduct vulnerability management using Microsoft Defender Vulnerability Management.
Collaborate with infrastructure, cloud, and security teams to improve the organization's security posture.
Prepare security reports, dashboards, and incident documentation.
Participate in security audits, compliance initiatives, and vulnerability remediation activities.
Stay updated on the latest Microsoft security features, threat intelligence, and cybersecurity trends.
Technical Skills
Mandatory Skills
Microsoft Defender for Endpoint (MDE)
Microsoft Defender XDR
Microsoft Defender for Office 365
Microsoft Defender for Identity
Microsoft Defender for Cloud Apps (MCAS)
Microsoft Entra ID (Azure AD) Security
Microsoft Intune
Endpoint Detection & Response (EDR)
Threat Hunting & Incident Response
Attack Surface Reduction (ASR)
Microsoft Sentinel
Microsoft 365 Security Center
Windows Security & Endpoint Hardening
PowerShell Scripting
Security Baselines & Compliance Policies
Good to Have
Microsoft Defender for Cloud
Azure Security Center
Microsoft Purview
Microsoft Intune Endpoint Security
Microsoft Security Copilot
SIEM/SOAR integration experience
Knowledge of Zero Trust Architecture
Experience with MITRE ATT&CK Framework
Knowledge of CIS Benchmarks and NIST Security Framework
Required Qualifications
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
4–8 years of experience in Microsoft Security technologies.
Strong experience in Microsoft Defender deployment and administration.
Experience with Microsoft 365 Security, Azure Security, and Endpoint Security.
Hands-on experience in incident investigation, malware analysis, and threat detection.
Good understanding of Windows Server, Active Directory, DNS, networking, and identity management.
Strong troubleshooting, analytical, and problem-solving skills.
Excellent communication and documentation skills.
Preferred Certifications
Microsoft Certified: Security Operations Analyst Associate (SC-200)
Microsoft Certified: Identity and Access Administrator Associate (SC-300)
Microsoft Certified: Information Protection Administrator Associate (SC-400)
Microsoft Certified: Cybersecurity Architect Expert (SC-100)
Microsoft Certified: Azure Security Engineer Associate (AZ-500)
Microsoft 365 Certified: Endpoint Administrator Associate (MD-102)
Soft Skills
Strong analytical and investigative skills.
Excellent verbal and written communication.
Ability to work independently and in a collaborative team environment.
Strong incident management and troubleshooting capabilities.
Willingness to work in rotational shifts or provide on-call support when required.