Sr. Cloud Engineer M365-Defender (L3)

2 Nos.
96627
Full Time
5.0 Year(s) To 10.0 Year(s)
10.00 LPA TO 15.00 LPA
IT Infrastructure & IT Security / Support
ITES/BPO/KPO
B.Tech/B.E. - Computers
Job Description:

Position – Sr. Cloud Engineer M365 - MS Defender for Endpoint (Level 3)

Eligibility Criteria:

  • Minimum of 5+ years of experience in IT security, with at least 2+ years focused on Microsoft Defender for Endpoint.
  • Should be Graduate or Above
  • Should have extensive working knowledge of Microsoft Office365 cloud.

Principal Responsibilities:

  • Responsible for providing high end Technical & Project based support & consultation for Microsoft 365 Cloud
  • The candidate will be required to architect, design and implement solutions using different services & solutions offered by Microsoft 365 package
  • Handling Tier 2 / escalations for Microsoft 365 related issues.
  • Help Tier 1 & Tier 2 resources to address the Microsoft 365 related issues
  • Troubleshooting the advanced Microsoft 365 issues and performing call backs ensuring issues are resolved in the defined SLA & appropriate solution is provided to the customer.
  • Will be responsible for updating, sharing daily, weekly & monthly Microsoft 365 related tickets tracker & analysis.
  • Resolving any global, cross-functional or work-team issues.
  • Defining key management routines and governance strategy to ensure effective business process execution.
  • Reporting and trending on the effectiveness of the solutions and standards.
  • Initiate improvements in tools, requirements gathering, processes, and people; investigate causes, test solutions and suggest solutions to reduce the time taken to resolve Microsoft 365 related tickets.
  • Understand Microsoft 365 support priorities and objectives and take an active role in accomplishing them.
  • Should be able to use & provide advanced tools for Microsoft 365 issues diagnosis & troubleshooting
  • Responsible for handling individual projects related to new implementations, improvisations or migrations to Microsoft 365 from multiple source platforms.

Behavioral Skills

  • Excellent verbal & written Communication skills
  • Should have excellent customer handling & listening skills
  • Strong analytical skills
  • Strong problem-solving skills
  • Change Management & decision-making skills.
  • Quick decision maker and fast learner
  • Result Oriented & able to deliver within timelines

Technical Skills:

  • Deep understanding of Microsoft Defender for Endpoint, including its components, features, and configuration options.
  • Strong knowledge of Windows operating systems and Active Directory.
  • Proficiency in PowerShell scripting and automation.
  • Experience with security technologies such as firewalls, intrusion detection systems, and SIEM.
  • Familiarity with threat intelligence feeds and analysis techniques.
  • Understanding of network protocols and security concepts.
  • Microsoft Entra ID: Should have extensive knowledge of Azure AD (Microsoft Entra ID) and AD Connect (Microsoft Entra Connect) implementation.
  • Should have hands-on experience in Register / Join / Hybrid Join of devices to Azure Active Directory (Microsoft Entra ID).
  • Microsoft Endpoint Manager: Should have working knowledge of Microsoft Intune (Microsoft Endpoint Manager).
  • Should have hands-on experience in enrolling devices, compliance and configuration policies.
  • Windows Autopilot, setting up Windows, Android, iOS, macOS enrollment.
  • Troubleshooting device enrollment issues, configuring applications on devices.
  • Design, implement, and maintain Microsoft Intune infrastructure for device and application management.
  • Integrate Intune with other Microsoft 365 services, including Azure AD, Endpoint Manager, and Conditional Access.
  • Manage and troubleshoot issues related to device compliance, app protection policies, and conditional access.
  • Microsoft Defender for Endpoint: Develop and optimize advanced hunting queries and custom detection rules; analyze complex security incidents and lead threat hunting initiatives.
  • Deep expertise in Microsoft Defender for Endpoint, including advanced features and integrations.
  • Familiarity with threat intelligence platforms and their integration with Defender for Endpoint.
  • Analyze and tune detection rules to reduce false positives while maintaining security efficacy.
  • Identify and resolve performance issues related to Defender for Endpoint.
  • Provide best practices for policy management and security baselines.
  • Configure data connectors for Azure Sentinel to ingest logs from diverse sources (e.g., Azure services, on-premises environments, third-party systems).
  • Knowledge of incident detection techniques, such as IOC (Indicators of Compromise) matching and anomaly detection.
  • Conducting proactive threat hunting using Azure Sentinel features.
  • Configuring API-based integrations and custom data collection using Azure Monitor or Logic Apps.
  • Strong understanding of EDR (Endpoint Detection and Response) principles and practices.
  • In-depth knowledge of Microsoft Defender XDR components, features, and configuration options, including unified threat management, automated investigation and response, and threat hunting.
  • In-depth knowledge of MDE components, features, and configuration options, including:
    • Endpoint Detection and Response (EDR)
    • Threat and Vulnerability Management (TVM)
    • Attack Surface Reduction (ASR)
    • Exploit Protection
    • Behavioral Analysis
  • Security Analysis and Incident Response:
    • Threat Hunting: Ability to proactively search for and identify advanced threats using MDE's threat hunting capabilities.
    • Incident Response: Experience in responding to security incidents, conducting investigations, and implementing remediation measures.
    • Log Analysis: Proficiency in analyzing security logs (e.g., Windows event logs, MDE logs) to identify anomalies and potential threats.
    • Diagnose and resolve complex MDE-related issues, including endpoint detection and response (EDR) alerts, investigation, and incident response.

Preferred Certifications:

  • SC-200: Microsoft Certified: Security Administrator Associate
  • SC-300: Microsoft Certified: Security Operations Analyst Associate
  • SC-400: Microsoft Certified: Information Protection and Compliance Administrator Associate
  • MS-102: Microsoft 365 Administrator
  • MD-102: Microsoft 365 Certified: Fundamentals
Company Profile

 A tech-enabled outsourcing firm that’s changing the way companies think about finance, accounting, human resources and technology services.
