Overview
On Site
USD 50.00 - 70.00 per hour
Contract - W2
Contract - Independent
Skills
Real-time
Management
Microsoft
Workflow
Threat Analysis
SAP BASIS
Mentorship
Incident Management
Knowledge Transfer
Analytics
Collaboration
Security Operations
Leadership
Job Details
Description
***100% onsite in Saint Paul, MN***
Robert Half has a client with an immediate need on their security team, specifically working with the Microsoft Defender tool. This need will require someone that has engineer to architecture level experience in Microsoft Defender. In this role, you will leverage your expertise to enhance real-time security monitoring, detection, and response efforts using Microsoft Defender and Sentinel platforms. This is a long-term contract position that offers the opportunity to work closely with incident response teams and contribute to the organization's security operations.
Responsibilities:
Oversee security alerts and anomalies within Microsoft Defender and Sentinel platforms, ensuring timely identification of Indicators of Compromise (IOCs).
Conduct triage and enrichment of security events, initiating appropriate responses and escalating incidents as outlined in established playbooks.
Enhance detection capabilities by refining analytics rules, creating watchlists, and developing automated workflows using Logic Apps.
Prepare detailed reports on threat intelligence, incidents, and control recommendations on a regular basis.
Mentor team members and provide guidance on improving incident response processes and playbooks.
Update and optimize incident response playbooks to align with evolving security challenges.
Deliver knowledge transfer sessions to internal staff, ensuring effective understanding of tools and processes.
Produce metrics that demonstrate noise reduction and improved detection accuracy after tuning rules and analytics.
Collaborate with security operations leadership to identify gaps and propose actionable solutions for enhanced security posture.
***ANYONE INTERESTED IN THIS ROLE SHOULD CONTACT ROBERT BROMMEL AT
Requirements
A minimum of 3-5 years of hands-on experience working with Microsoft Defender and Sentinel in a security operations environment.
Strong proficiency in Active Directory, Windows Server, and Windows 10 telemetry.
Expertise in building effective detections, hunting queries, and implementing automation within security platforms.
Knowledge of incident response lifecycle and familiarity with MITRE ATT& CK framework.
Solid understanding of Security Operations Center functionalities and best practices.
Ability to analyze and interpret Windows and Active Directory telemetry to identify security threats.
Experience in creating and refining security playbooks and delivering training sessions to team members.
Technology Doesn't Change the World, People Do.
Robert Half is the world's first and largest specialized talent solutions firm that connects highly qualified job seekers to opportunities at great companies. We offer contract, temporary and permanent placement solutions for finance and accounting, technology, marketing and creative, legal, and administrative and customer support roles.
Robert Half works to put you in the best position to succeed. We provide access to top jobs, competitive compensation and benefits, and free online training. Stay on top of every opportunity - whenever you choose - even on the go. Download the Robert Half app and get 1-tap apply, notifications of AI-matched jobs, and much more.
All applicants applying for U.S. job openings must be legally authorized to work in the United States. Benefits are available to contract/temporary professionals, including medical, vision, dental, and life and disability insurance. Hired contract/temporary professionals are also eligible to enroll in our company 401(k) plan. Visit roberthalf.gobenefits.net for more information.
2025 Robert Half. An Equal Opportunity Employer. M/F/Disability/Veterans. By clicking "Apply Now," you're agreeing to Robert Half's Terms of Use.
***100% onsite in Saint Paul, MN***
Robert Half has a client with an immediate need on their security team, specifically working with the Microsoft Defender tool. This need will require someone that has engineer to architecture level experience in Microsoft Defender. In this role, you will leverage your expertise to enhance real-time security monitoring, detection, and response efforts using Microsoft Defender and Sentinel platforms. This is a long-term contract position that offers the opportunity to work closely with incident response teams and contribute to the organization's security operations.
Responsibilities:
Oversee security alerts and anomalies within Microsoft Defender and Sentinel platforms, ensuring timely identification of Indicators of Compromise (IOCs).
Conduct triage and enrichment of security events, initiating appropriate responses and escalating incidents as outlined in established playbooks.
Enhance detection capabilities by refining analytics rules, creating watchlists, and developing automated workflows using Logic Apps.
Prepare detailed reports on threat intelligence, incidents, and control recommendations on a regular basis.
Mentor team members and provide guidance on improving incident response processes and playbooks.
Update and optimize incident response playbooks to align with evolving security challenges.
Deliver knowledge transfer sessions to internal staff, ensuring effective understanding of tools and processes.
Produce metrics that demonstrate noise reduction and improved detection accuracy after tuning rules and analytics.
Collaborate with security operations leadership to identify gaps and propose actionable solutions for enhanced security posture.
***ANYONE INTERESTED IN THIS ROLE SHOULD CONTACT ROBERT BROMMEL AT
Requirements
A minimum of 3-5 years of hands-on experience working with Microsoft Defender and Sentinel in a security operations environment.
Strong proficiency in Active Directory, Windows Server, and Windows 10 telemetry.
Expertise in building effective detections, hunting queries, and implementing automation within security platforms.
Knowledge of incident response lifecycle and familiarity with MITRE ATT& CK framework.
Solid understanding of Security Operations Center functionalities and best practices.
Ability to analyze and interpret Windows and Active Directory telemetry to identify security threats.
Experience in creating and refining security playbooks and delivering training sessions to team members.
Technology Doesn't Change the World, People Do.
Robert Half is the world's first and largest specialized talent solutions firm that connects highly qualified job seekers to opportunities at great companies. We offer contract, temporary and permanent placement solutions for finance and accounting, technology, marketing and creative, legal, and administrative and customer support roles.
Robert Half works to put you in the best position to succeed. We provide access to top jobs, competitive compensation and benefits, and free online training. Stay on top of every opportunity - whenever you choose - even on the go. Download the Robert Half app and get 1-tap apply, notifications of AI-matched jobs, and much more.
All applicants applying for U.S. job openings must be legally authorized to work in the United States. Benefits are available to contract/temporary professionals, including medical, vision, dental, and life and disability insurance. Hired contract/temporary professionals are also eligible to enroll in our company 401(k) plan. Visit roberthalf.gobenefits.net for more information.
2025 Robert Half. An Equal Opportunity Employer. M/F/Disability/Veterans. By clicking "Apply Now," you're agreeing to Robert Half's Terms of Use.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.