Job ID: GA-799718 (94390409)
Onsite/Local Microsoft Defender/Sentinel Security Engineer (C2H) with Playbooks, Threat Explorer, Tenant Block/Allow, Kusto Query Language, Active Directory, Entra ID, Exchange experience
Location: Lawrenceville, GA (GGC)
Duration: 15 Months
ON-SITE ONLY
Skills:
Creation of Microsoft Sentinel Playbooks Required 2 Years
Microsoft Defender for Identity (Threat Explorer, Tenant Block/Allow Lists, Incidents and Alerts, etc) Required 3 Years
Knowledge in Defender Kusto Query Language Highly desired 1 Years
Microsoft Active Directory Required 3 Years
Description:
Under general supervision, plans, directs and coordinates security operational duties in Information Technology, specifically in the field of Information Security. Develops and enforces the organization’s security policies and procedures.
Job Summary:
An ideal candidate will have experience in the Microsoft security products since that’s what we’re using for now/
Microsoft Sentinel
MS Defender
MS Entra ID
Daily tasks entail:
Monitoring and remediating security alerts from Sentinel and Defender
Develop Sentinel workflows/playbooks for automating response
Providing forensic data for future investigations
Utilizing MS Threat Explorer and Advanced Hunting for investigations
Configuring Exchange transport rules with respect to security events
Configuring Defender Tenant Block/Allow lists