cybersecurity

  • Posted 1 day ago | Updated 1 day ago

Overview

Remote
Depends on Experience
Contract - W2
Contract - 12 Month(s)

Skills

Microsoft Defender Security Suite
Defender XDR
Defender for Endpoint
Python
PowerShell
Graph API
KQL
Sentinel
SIEM

Job Details

Key skill set: Microsoft Defender Security Suite, including Defender XDR, Defender for Endpoint, Defender for Cloud, and Sentinel.
Key Responsibilities:

  • Lead the tuning and optimization of Microsoft Defender XDR alerts across domains (Endpoint, Identity, Email, Cloud)
  • Engineer cross-platform automation flows that connect Defender XDR, Sentinel, and ServiceNow
  • Translate enterprise use cases into declarative logic and automation rules within the Microsoft Security Suite
  • Build and refine KQL queries, automation rules, and Graph API-based integrations
  • Partner with internal engineering and domain teams to assess coverage gaps, reduce noise, and eliminate redundant tooling
  • Contribute to foundational initiatives like containment automation, alert confidence scoring, and policy enforcement workflows

Required Skills and Experience:

  • 5+ years working in cybersecurity engineering roles with enterprise-scale tooling
  • Deep expertise in Microsoft Defender Suite: Defender XDR, Defender for Endpoint, Defender for Cloud, Sentinel
  • Strong experience with tuning detections, suppression rules, and enrichment logic
  • Familiarity with Graph API, KQL, and automation/integration via PowerShell or Python
  • Experience integrating security workflows with ServiceNow (SIR/ITSM modules)
  • Ability to work independently and translate strategic direction into engineering execution

Nice to Have:

  • Prior experience in proactive containment workflows, AI/ML-enriched decisioning, or security platform consolidation
  • Familiarity with SOAR architecture, even if this role does not focus on SOAR tooling

Expectations:
These roles require autonomy, senior-level thinking, and high-context comprehension. You will be expected to rapidly onboard into a high-performing team focused on automation-led enterprise protection.
