An Asset Management firm is seeking a SR. Cyber Security Engineer . This role will focus on planning, designing and executing security-related projects, processes and procedures in a Microsoft-oriented environment. Areas of focus for this position will include managing the Microsoft Defender Security Suite, incident response, threat hunting, improvements to our detection and protection capabilities and vendor security reviews. The hire will work with Technology Solutions Team and business units to assess risks and security issues and propose solutions. The individual may also be involved in investigation and reporting of security incidents as necessary.
Responsibilities include but are not limited to:
- Managing the Microsoft Defender XDR platform deployed at the Firm including Sentinel, Defender for Endpoint, Defender for Cloud Applications, Defender for Office and Defender for Cloud
- Performing incident response on security events
- Performing threat hunting activities and creating new detections and protections based on the results of those hunts
- Designing, developing and implementing improvements to our security detection and protection capabilities
- Security projects include: (1) developing roadmaps, requirements and architectures for project, (2) collaborating and supporting other Technology Solutions teams on the security components of cross team projects and (3) ensuring a smooth transition from initial solution through architecture, implementation and steady state operations
- Engaging with vendors on support issues and performing regular product and business reviews
- Providing Level 3 problem management and troubleshooting
- Providing documentation on security processes and best practices for the Service Desk team
- Meeting deadlines and collaborating with internal and external Technology Solutions Teams
Candidate Requirements
Qualifications & Experience:
- Bachelor’s degree or equivalent experience
- 10+ years of experience supporting information security, incident response, executing security-related projects and applying security best practices in a medium-to-large sized organization.
- 3+ years of experience implementing or managing the Microsoft Defender security suite.
- Demonstrated prior experience planning and executing the security components of a Microsoft-centric technology organization
- Experience writing Kusto Query Language (KQL) queries in Sentinel and Defender Advanced Hunting
- Active Directory and Azure Active Directory / Entra ID security
- Microsoft Azure cloud security and administration
- PowerShell scripting experience
- Business acumen to understand the impact IT security and technology has on business outcomes