Description
Microsoft Security - Defender Sentinel - Hybrid - Outside IR35
IT Security Engineer responsible for supporting the deployment of Microsoft Defender to all endpoints globally.
• Support deployment of Microsoft Defender to all endpoints (Servers, Laptops and Desktops).
• Ensure that the policies applied to the endpoints offer equivalent protection to current tools.
• Ensure that the deployment is performed in line with the bank's policies and procedures.
• Ensure that the correct level of monitoring and alerting is configured in Microsoft Sentinel.
• Remediate issues that arise in the deployment of Microsoft Defender.
Knowledge/Experience
• Proven experience as a Security Engineer with a focus on endpoint security.
• Previous experience deploying Microsoft Defender.
• Relevant Microsoft Certifications.
• Excellent problem-solving skills and the ability to troubleshoot complex security issues.
• Strong understanding of cybersecurity principles, threat landscapes & mitigation strategies.
• Experience with endpoint management and security tools.
• Understanding and implementation of the IT Security environment, policies, guidelines and standards, including awareness of ISO 27001/2
• Expertise with EDR, Vulnerability management, MITRE attack framework and Incident response.
• Expert knowledge of Microsoft Defender (including Defender XDR), including policy configuration and ASR rules.
• Experience deploying Microsoft Defender via Microsoft Intune, SCCM and Azure ARC.
• Experience with Microsoft Sentinel, including integration and advanced query writing using KQL (Sentinel Analytics, Hunts and Notebooks).
• Experience managing Sentinel log ingestion (Azure Monitoring Agent, DCRs, LogStash).
• Experience with other SIEM technologies (LogRhythm).
• Experience with McAfee/Trellix (removal from endpoints).
• Knowledge of integrating Sentinel with Service Now.
• Sentinel Use Case development.