Back to search
IT Engineer - Microsoft Defender Security Operations
3 months
London - hybrid
Inside IR35 - Umbrella only
Role Overview
We are seeking an accomplished IT Engineer with specialist expertise in the Microsoft Defender security ecosystem. The successful candidate will strengthen cyber defence across endpoints, identities, cloud services, and hybrid infrastructure.
Key Responsibilities
Security operations and threat defence
- Manage and optimise Microsoft Defender across Endpoint, Identity, Cloud Apps, Office 365, and Cloud Security Posture Management.
- Monitor alerts and conduct threat investigations.
- Support incident response with containment and remediation.
- Conduct proactive threat hunting.
Platform administration and governance
- Configure policy baselines and protection profiles.
- Maintain governance and compliance alignment.
- Lead version management and capability tuning.
- Maintain documentation for configurations and processes.
Stakeholder engagement and improvement
- Collaborate with Infrastructure, Cloud, and Cyber Security teams.
- Provide security insights to projects.
- Produce reporting for stakeholders.
- Identify automation and workflow enhancements.
Essential Skills
- Strong experience with Microsoft Defender platforms.
- Incident investigation skills across endpoint, identity, and cloud.
- Understanding of Microsoft 365, Azure, and Zero Trust.
- Skilled in ASR rules, AV baselines, and KQL analytics.
Desirable Skills
- Experience with Microsoft Sentinel.
- Understanding of MITRE ATT and CK.
- Exposure to red team activities.
- Familiarity with automation using PowerShell.
Professional Attributes
- Analytical thinker.
- Resilient and proactive.
- Strong communicator.
- Collaborative mindset.
Qualifications
- Microsoft security certifications such as SC 200, SC 300, or SC 400.
- Broader cloud or cyber qualifications beneficial.
