Job Summary:
An ideal candidate will have experience with Microsoft security products, since that’s what we’re using for now:
- Microsoft Sentinel
- MS Defender
- MS Entra ID
Daily tasks entail:
- Monitoring and remediating security alerts from Sentinel and Defender
- Developing Sentinel workflows/playbooks for automating response
- Providing forensic data for future investigations
- Utilizing MS Threat Explorer and Advanced Hunting for investigations
- Configuring Exchange transport rules with respect to security events
- Configuring Defender Tenant Block/Allow lists