39 Microsoft Defender Jobs

You are a detail-oriented and proactive Vulnerability Management Subject Matter Expert (SME) with over 5 years of experience in Vulnerability Management. Your primary responsibility is to identify, analyze, and mitigate security vulnerabilities to enhance the security posture of the organization. Your key responsibilities include performing vulnerability assessments using tools such as Microsoft Defender and Qualys to identify and analyze potential security risks. You will monitor alerts and incidents from security tools, ensuring prompt identification and remediation of vulnerabilities. Managing the entire vulnerability management lifecycle, including detection, prioritization, remediation, and reporting, is also a crucial part of your role. Collaborating with network and system administrators to deploy patches and security fixes, conducting network security assessments, and assisting in identifying, testing, and applying fixes for vulnerabilities within the organization are essential tasks. You will communicate security findings and risk assessments to technical teams and non-technical stakeholders, ensuring compliance with organizational security policies and industry standards. Your role involves generating comprehensive reports for management, highlighting critical vulnerabilities and mitigation actions, and utilizing Power BI for effective vulnerability reporting and data visualization. It is imperative to stay updated with industry trends, security vulnerabilities, and patch management practices to continuously improve security measures. Must-Have Skills: - Strong experience in Vulnerability Management (5+ years) - Solid knowledge of vulnerability management processes and tools - Hands-on experience with vulnerability assessments and risk analysis - Basic understanding of network fundamentals (TCP/IP, DNS, VPNs, etc.) - Ability to manage the full vulnerability management lifecycle - Strong communication skills to convey technical findings to diverse stakeholders Good-to-Have Skills: - Familiarity with Qualys or other vulnerability management tools - Experience with Power BI for data reporting and visualization - Experience with patch management and security remediation practices,

Role & responsibilities 5 to 7 years of work experience in cyber security /Information security project, with security posture. Assessment At least one technical certification required (CEH, CompTIA Security+, CBCA, CSA etc.) Should have at least one cyber security certification (CISM, CCIR, ECSA, GCIH etc.) Lead and manage advanced threat detection and response efforts using carbon black EDR across our clients endpoints. Investigate and analyze sophisticated security alerts and events to determine root cause, scope and impact of security incidents. Provide technical expertise and guidance to junior analysts (L1, L2s), assisting with incident investigations, analysis and resolution Develop and implement advanced detection and response strategies using Carbon Black EDR to enhance our overall security posture. Lead incident response efforts, including coordination with cross-functional teams and external stakeholders. Conduct in-depth analysis of endpoint data and logs to identify indicators of compromise (IOC) and advanced attack techniques. Collaborate with threat intelligence teams to stay updated on emerging threats and tactics used by threat actors. Develop and maintain security playbooks, procedures and response plans for incident response and threat hunting. Assist in the tuning and optimization of Carbon Black EDR policies, SIEM rules and custom queries to improve detection efficacy. Contact Person: Ackshaya Email ID: ackshaya@gojobs.biz

You are invited to join our team as a skilled and vigilant L1 Cyber Security Professional for EDR Operations within our dynamic security team. Your primary responsibility will involve monitoring, analyzing, and responding to security incidents, particularly focusing on Carbon Black EDR alerts and maintaining SLAs. As a qualified candidate, you should possess a Graduation/Post-graduation degree in Computers, Information Systems, Computer Science, or Information Technology Systems with 5 to 7 years of relevant work experience as a security analyst, including hands-on experience with EDRs. It is preferred that you hold at least one cyber security certification such as CEH, CompTIA+, etc. Additionally, familiarity with banking business practices and IT trends in the banking sector would be beneficial. Your role will require you to proactively research and monitor Carbon Black EDR, identify potential threats, troubleshoot EDR agent-related issues, and analyze endpoint data to detect Indicators of Compromise (IOCs) and suspicious activities. Furthermore, you should be well-versed in threats like phishing, ransomware, spyware, and have the ability to decode encrypted scripts for alert execution comprehension. In this position, you will conduct initial triage and assessment of security incidents, escalate confirmed incidents to the appropriate teams, and ensure all EDR operations and tickets are resolved within SLAs. It is essential to have expertise in TCP/IP network traffic, Internet protocols, event log analysis, and stay updated with the latest cybersecurity threats, vulnerabilities, and trends relevant to endpoints. Moreover, you should be familiar with Runbooks, Playbooks, and Standard Operating Procedures, possess strong analytical skills to support conclusions, and maintain awareness of industry best practices for endpoint security and threat detection. Effective communication, teamwork, positive attitude, and a sense of ownership are key personal skills required for this role. If you are ready to take on this exciting opportunity and meet the specified qualifications, please share your updated resume with us at kanchana@kaivale.com.,

Black And White Business Solutions is actively seeking a skilled Endpoint Security Engineer to strengthen our cybersecurity posture. This role is ideal for individuals with proven experience in endpoint security and hands-on expertise with Microsoft Defender . If you are an immediate joiner or currently serving your notice period and are passionate about protecting organizational assets, we encourage you to apply. Required Skills and Qualifications Endpoint Security : Proven experience in managing, implementing, and troubleshooting endpoint security solutions. This includes understanding various endpoint protection platforms, threat detection, and incident response at the endpoint level. MS Defender : Strong hands-on expertise with Microsoft Defender (Microsoft Defender for Endpoint) , including its deployment, configuration, policy management, threat investigation, and remediation capabilities. Qualification Any Graduate or Above CTC Range 15 to 17 LPA (fixed) Notice Period Immediate joiners / Currently serving Interested candidates are requested to share the following details: Name as per your PAN card: Mobile No: Email ID: Current and preferred location: Current and Expected CTC: Total and Relevant Experience: Official notice period: (if serving/immediate - Last Working Day) Contact: Gayatri G Staffing Analyst - IT Recruiter Black and White Business Solutions Pvt Ltd Bangalore, Karnataka, INDIA Email: [HIDDEN TEXT] | Website: www.blackwhite.in Direct Number: +91 8067432430

As a global group of life-saving technology companies, Halma is dedicated to pushing the boundaries of science and technology. With headquarters in the UK and operations spanning 23 countries, including regional hubs in India, China, Brazil, and the US, we have a diverse portfolio of nearly 50 companies specializing in market-leading technologies. For over 42 years, our purpose-driven approach, strategic initiatives, talented workforce, unique DNA, and sustainable business model have consistently delivered remarkable long-term growth in revenues and profits. Halma stands out as an FTSE 100 company by annually increasing dividends by 5%, a feat unparalleled by any other company on the London Stock Exchange. Why Join Us Certified as a Great Place to Work, Halma fosters an employee-centric culture based on autonomy, trust, respect, humility, work-life balance, team spirit, and approachable leadership. We provide a safe and inclusive workplace where individuality is celebrated, and everyone is encouraged to leverage their unique talents and backgrounds to drive meaningful outcomes. Position Objective: We are currently looking for dedicated cyber security professionals to join our 24/7 security operations team. In this role, you will play a crucial part in monitoring Halma Group's centralized infrastructure for malicious activities, analyzing logs to detect attack patterns, and ensuring timely responses to infiltration attempts. Additionally, you will manage technical support requests related to security devices integrated into Halma's infrastructure. Responsibilities: - Lead a team of security analysts on an 8-hour rotational shift schedule. - Conduct real-time security monitoring and respond to incidents using various tools and methodologies. - Maintain the group's infrastructure to meet service level expectations. - Develop and manage Security Information and Event Management (SIEM) use cases. - Identify and document incidents through proactive threat hunting. - Perform vulnerability assessments within Halma's network infrastructure and collaborate with stakeholders to mitigate risks. - Design and refine the Incident Response Playbook for enhanced reaction protocols. - Conduct post-incident analyses to improve Halma's incident response processes. - Propose innovative security control measures and solutions. - Provide technical support for security infrastructure, including SIEM, VPN, Antivirus, EDR, and Endpoint Management systems. - Possess a strong understanding of Windows/macOS operating systems and related security measures. - Monitor and manage security incidents for Halma's headquarters and subsidiary companies. - Utilize problem-solving skills during security incidents and alerts investigations. - Perform additional tasks such as generating vulnerability reports and contributing to process improvements. Critical Success Factors: - Resolve security incidents, support issues, and service requests within SLAs. - Contribute to enhancing processes, systems, and services provided by Halma IT. Qualifications: - Bachelor's degree in computer science or IT. Preferred Certifications: - CompTIA Security+, CEH - Microsoft Security certifications like SC-200/SC-300/SC-400 Desirable Certifications: - Any SIEM certifications, any Network certifications Experience: - 5 to 8 years of total experience. - Knowledge of vendor firewall and Remote Access solutions. - Exposure to security technologies, including Incident Response and Microsoft Sentinel. - Familiarity with Active Directory, server virtualization, and Microsoft technologies. - Experience with Microsoft Defender, Microsoft Intune, Cato Networks (VPN and Firewall), Azure Sentinel, and KQL is advantageous.,

Experience in troubleshooting issues related to Intune Modern Management, Microsoft Endpoint Management, MAM & MAM-WE. Proficient in SCCM administration: application packaging and deployment, patch management, OS deployment (OSD), task sequences, and reporting. Manage and monitor SCCM infrastructure, including Distribution Points, Management Points, and Software Update Points. Knowledge in handling Intune MDM console and proactively monitoring device compliance, OS versions, and policy enforcement. Basic knowledge of cloud, Azure, and Active Directory. Knowledge of Intune compliance policies, configuration profiles, app protection policies, and device restrictions. Troubleshoot Android and iOS device issues in Intune. Experience with Windows Autopilot, update rings, SCEP, PKCS. Deliver technical support for Windows Management and SCCM client health. Troubleshooting WSUS, Intune, Active Directory, and SCCM-related issues. Good knowledge of Windows OS, DEP, APNS, VPP. Support Android, iOS, and Windows devices in Intune and SCCM. Working experience with MS Office, SharePoint, and Exchange. Understanding of networking concepts - DNS, DHCP, TCP/IP, Subnetting, IPv4/IPv6. Basic debugging and scripting skills. Strong communication and documentation skills. Desired Skills and Qualifications 4 years of overall IT experience with at least 2 years in SCCM and Intune. Experience with Microsoft Endpoint Manager (Intune + SCCM). Familiarity with ticketing tools like SNOW, Remedy, or HPSM. Basic knowledge of Cloud, MS Azure, and O365 Licensing. Understanding of Conditional Access Policies and compliance frameworks. PowerShell scripting for automation and reporting. Nice to Have Skills Experience with Microsoft Defender, Credential Guard, and Application Guard. Experience in Privileged Identity Management. Experience in application signing and provisioning for iOS, Android, and Windows. Knowledge of Microsoft Power Platform and Power BI. Strong analytical and problem-solving skills. Ability to work independently and collaboratively in a global team environment.

Hi all, We are hiring for the role Information Security Architect Experience: 7 - 9 Years Location: Bangalore Notice Period: Immediate - 15 Days Budget: 20 LPA Only Skills: Information Security Architect -Bangalore Experience Required: 7 - 9 years Certifications: • Mandatory: CISSP (Certified Information Systems Security Professional) • Preferred/Added Advantage: AZ-500 (Microsoft Azure Security Technologies), CCSP (Certified Cloud Security Professiona Must-Have Skills CISSP Certification (Mandatory) Experience in secure architecture, threat modeling, and SD Elements Deep knowledge in application security, cloud (preferably Azure), and secure DevOps Familiar with frameworks like TOGAF, SABSA, NIST Strong collaboration and communication skills Experience using SD Elements for security requirements and issue tracking is mandatory. • Proficient in architecture frameworks such as TOGAF, SABSA, or NIST. • Good knowledge of cloud security (preferably Azure) and secure DevOps practices Good to Have Certifications: AZ-500, CCSP Tools: ThreatModeler, Microsoft Defender Frameworks: OWASP Top 10, MITRE ATT&CK If you are interested drop yor resume at mojesh.p@acesoftlabs.com Call: 9701971793

Job Title: Associate Director or Assistant Director Solution Architect (General) Enterprise Technology provides reliable, secure and resilient technology services and solutions to support our 400,000 EY people. As part of Enterprise Technology, you'll be at the forefront of enabling innovative technologies including emerging collaboration tools and top-tier technology infrastructure.Our aim is to create a superior customer experience with clear investment in innovation, alongside operational excellence that delivers efficient, quality services and solutions. You will work with technologists and business experts to meet the increasing pace of our business. That means more growth for you, exciting learning opportunities, career choices and the chance to make a real impact. The opportunity We are seeking a Solution Architect that is a highly skilled senior role with industry leading architecture and design expertise to support one or more programs. He/she has a deep end to end understanding of architecture standards and platform solution development expertise. In this role you will be responsible for bringing strategy to fruition through the creation and delivery of architectural solution artifacts, and so candidates should be proficient on Microsoft Azure, M365 services, Network and On-prem Infrastructure technology solutions.Candidate must be a self-starter with Agile framework experience and provide RISK/Constraints to product leaders. Ideal candidate must be able to drive the delivery of solutions which align with the strategy. This role will report to the Associate Director of Solution Architecture and Cross Functional Governance. Your key responsibilities Core Drive the successful delivery of Cloud, Network and Platform technology investment efforts. Provides guidance on complex production designs, applications or system problems Solution design will include the creation of reusable, repeatable IP and artifacts. Work closely with security, networking, and operations teams to design integrated and compliant solutions. Manage stakeholders, sponsors, engineering, and operations teams across EY Technology to drive development of IT products, services, and solutions. Manages the technical dependencies across the different products and services Work with Enterprise Architects to ensure alignment with strategic objectives and targets, while providing input into strategic direction as needed. Translate business needs into technical requirements and formulation of solutions, while identifying gaps, strategic impacts, financial impacts and the risk profile in the technical solution or offering. Drive proof-of-concept, prototype design and implementation activities from an architectural perspective. Develop and maintain solution architecture documents and other artifacts to guide design creation and implementations. Stay abreast of industry trends and new technology offerings, perform in-depth research analysis and maintain collaborative partnership with internal IT teams and business customers along with external technology vendors and service providers to ensure robust outcomes. Present subject matter to program / project teams, governance forums and other audiences as needed. Skills and attributes for success We are interested in people with a deep and broad networking background, who bring in experience working in large enterprise environments, performing senior architecture or solution design role. A successful candidate will have technical and all-round experience in being part of a fast-paced team that is enabling the realization of strategic intent by solutioning and building modern network landscapes. These experiences include: History of working credibly with senior stakeholders Strong verbal and written skills including strong cross-cultural communication and the ability to draft effective communications Ability to work with people in a variety of cultures, countries and time zones Demonstrate excellent technical & architecture skills in the context of cloud-based platform/product design, service management and product lifecycle management Demonstrate ability to rapidly learn new and emerging technologies and developing a vision of their suitability and role as a new product within a platform & product landscape Design and develop scalable, secure, and resilient M365 solutions, including Exchange Online, SharePoint, Teams, OneDrive, and Security & Compliance features. Architect hybrid and cloud-native solutions leveraging Azure cloud services, including networking, compute, storage, and security. Design security frameworks leveraging Microsoft Defender, Sentinel, Intune, and Conditional Access policies. Experience with AI-powered IT operations (AIOps) for proactive issue detection, automated troubleshooting, and anomaly detection. Familiarity with Zero Trust architecture, policies and supporting network and security technologies. Strong ability to document processes, procedures and network designs clearly and accurately for distribution to internal teams and customers. To qualify for the role, you must have Creative and self-starter mindset with strong analytical and quantitative skills to operate without direct supervision on multiple complex projects and tasks, and their shifting priorities in parallel. Effective listening skills and display openness to other people's ideas and thoughts. Ability to deal efficiently with escalations, conflicts and difficult situations/people under pressure. Strong influencing skills to collaborate effectively and efficiently across the firm. English language skills - excellent written and verbal communication. Flexibility to work out of regular office hours to cater to the global organization needs. Ideally, you'll also have Prior experience working for a large organization with a complex environment Education: Bachelor's or master's degree from an accredited college or university in Computer Science, Computer Engineering, MIS, or a closely related field Experience: 15+ years of experience in IT architecture, with a focus on Microsoft 365, data centers, and Azure cloud infrastructure. Possession of a current (non-expired) professional, industry recognized certification. Experience with enterprise IT governance, compliance, and risk management frameworks. Familiarity/experience with TOGAF methodology.

Hi All, Movate ( Formerly known as CSSCorp ) is hiring for Senior Endpoint Security Engineer Role. Job Responsibilities: Provide Technical Support to customers and partners Provide technical services include writing scripts, troubleshooting and best practices to customers Manage support cases to ensure issues are recorded, tracked, resolved, and follow-ups are completed in a timely manner Provide fault isolation and root cause analysis for technical issues Publish Technical Support Bulletins and other technical documentation in the Knowledge Base Review of technical documentation for training materials, technical marketing collateral, manuals, troubleshooting guides, etc. Travel to customer sites in the event of a critical situation to expedite resolution as required Provide on-call support 24x7 on an as needed basis Provide configurations, troubleshooting and best practices to customers. Work with our Engineering team and influence the operability of the product. Participate in regular weekend on-call rotation and provide after-hours support on an as-needed basis. Able to effectively communicate to all levels and stakeholders - internally and externally on complex technical issues Desired Skills 3+ years of related experience. Provide configurations, troubleshooting and best practices to customers. Required experience with supporting EndPoint software products. Required strong experience with Windows OS, Linux OS and macOS based applications (Installation, troubleshooting, Debugging). Experience with Android OS based applications (Installation, troubleshooting, Debugging). Strong experience with MS environment (SCCM, GPO, AD, MSSQL, IIS). Experience with EndPoint security software is a plus (Antivirus, DLP, IPS, NAC). Knowledge of SIEM, vulnerability management tools and firewalls. Experience understanding malware, exploits, operating system structure and behavior. Experience with batch scripting and Python is a plus Strong ability to independently troubleshoot, reproduce issues and identify feasible workarounds in broad, complex, and unique environments with mixed applications and protocols required. Knowledge of Cloud infrastructure a plus Knowledge of VDI (VMWare Horizon, Citrix XenApp and XenDesktop) is a plus BS/MS or equivalent experience require

Responsibilities: Design and deploy DLP policies and rules for Microsoft 365 and Azure services, such as Exchange Online, SharePoint Online, OneDrive, Teams, Power Platform, and Azure Storage. Integrate DLP solutions with other security tools, such as Microsoft Cloud App Security, Azure Sentinel, Azure Information Protection, and Microsoft Defender for Endpoint. Perform data discovery and classification to identify and label sensitive data across the cloud environment. Configure and manage DLP alerts, notifications, and reports using Microsoft 365 Compliance Center and Azure Portal. Analyze and investigate DLP incidents and policy violations using various tools and techniques. Provide guidance and recommendations to business stakeholders and IT teams on DLP best practices and compliance requirements. Develop and maintain DLP documentation, policies, and procedures. Provide DLP training and awareness to end users and administrators. At least 5 years of experience in DLP engineering, administration, or consulting with Microsoft technologies. Strong knowledge and experience with Microsoft 365 and Azure DLP solutions and features. Experience with other Microsoft security products, such as Microsoft Cloud App Security, Azure Information Protection, and Microsoft Defender for Endpoint.

Sr Analyst IAM & O365- 5+ Years – Gurgaon Are you a seasoned professional with over 5 years of experience in Identity and Access Management (IAM) and Office 365 administration? Here's your chance to elevate your career trajectory with a role that combines cutting-edge technologies, problem-solving in analytics, and proactive governance. Join a fantastic team that values growth, inclusivity, and innovation while working out of bustling Gurgaon. Location - Gurgaon Your Future Employer A globally renowned organization committed to driving innovation in technology and analytics. This company puts equality, diversity, and inclusion at the forefront of its values and is dedicated to investing in employee development. Responsibilities Provide end-to-end support for Identity and Access Management (IAM) processes, including provisioning, de-provisioning, and role creation. Administer and manage Office 365 system configurations, licenses, and environment standards to ensure proper compliance. Troubleshoot IAM and O365 issues, coordinating closely with cross-functional teams for resolution. Proactively identify inefficiencies in identity governance processes and recommend scalable solutions. Assist in design, deployment, and maintenance phases of IAM solutions focused on enhancing security. Develop comprehensive analytics and reports to track and report IAM and O365 performance metrics. Collaborate with stakeholders to implement best practices in user access security, data protection, and compliance efforts. Requirements Education & Experience: Bachelor’s degree in Computer Science, Information Technology, or a related field with 5+ years of relevant work. Technical Expertise: Proven experience in IAM tools (e.g., Active Directory, Okta, CyberArk) and Microsoft Office 365 administration. Problem-Solving Skills: Sharp analytical abilities to troubleshoot complex IT and IAM issues. Soft Skills:Strong communication and collaboration skills with a growth-oriented mindset. Certifications such as Microsoft Certified: Modern Desktop Administrator Associate or similar are a plus. Knowledge of cloud platforms such as AWS or Azure is an advantage. What's In It For You Competitive salary package linked to industry standards. Exposure to an inclusive work culture that emphasizes continuous learning and career development. Opportunity to work on cutting-edge tools and technologies. Flexible work policy adapting to modern workforce needs. Health and wellness programs designed to support your physical and mental well-being. Reach Us If you feel this opportunity is well aligned with your career progression plans, please feel free to reach me with your updated profile at priya.bhatia@crescendogroup.in Disclaimer Crescendo Global specializes in senior to C-level niche recruitment. We are passionate about empowering job seekers and employers with an engaging and memorable job search and leadership hiring experience. Crescendo Global does not discriminate on the basis of race, religion, color, origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Note We receive a lot of applications daily, so it may become difficult for us to get back to each candidate. Please assume that your profile has not been shortlisted if you don't hear back from us within 1 week. Your patience is highly appreciated. Profile Keywords IAM, Identity and Access Management, Office 365, MS O365 Administration, Senior Analyst, IAM Analyst, Gurgaon Jobs, IAM Specialist, Active Directory, CyberArk, Okta, Azure, AWS, Analytics, IT Security, IT Governance, IAM Reporting, IAM Administration.

As a Global IT Service Desk Analyst at Lucy Electric Manufacturing & Technologies Pvt Ltd, you will play a crucial role in providing first-line support to end-users, managing service requests and incidents, and ensuring the smooth on-boarding/off-boarding process for new users across Lucy Group companies. Your dedication to delivering exceptional IT services will contribute to the seamless operation of medium voltage switching and protection solutions for electrical distribution systems worldwide. Your responsibilities will include ensuring timely resolution of assigned incidents, requests, and queries, escalating critical issues, administering core M365 services, managing user accounts and permissions, troubleshooting email and collaboration tools, and adhering to ITIL Service Management best practices. Additionally, you will collaborate with team members to enhance IT services, monitor incidents and alerts, and provide expedited support to VIP users. Key skills for this role include proficiency in M365 Admin Centre, Exchange, Active Directory, and Windows Operating System, familiarity with Microsoft Defender, Intune, and Microsoft Entra, strong communication and problem-solving skills, the ability to multitask in a fast-paced environment, and a commitment to maintaining a positive End-User Experience. Previous experience in IT Service Desk or IT support, ITIL certification, and knowledge of Infrastructure technologies and the Microsoft Eco System are essential qualifications. Desirable skills include knowledge of mobile device management, cloud technology, networking concepts, and relevant certifications such as CompTIA A+, Network+, and AZ-900. A willingness to work in shifts, document issues clearly, and support users across multiple time zones are also valuable assets for this role. If you are an enthusiastic individual with a passion for technology, excellent customer service skills, and a collaborative mindset, we encourage you to apply for this exciting opportunity as a Global IT Service Desk Analyst at Lucy Electric. Join us in shaping the future of electrical distribution systems and making a real impact in the world of IT services. Apply now and be a part of our dynamic team!,

Key Skills: Cybersecurity, Incident Response, SIEM, SOAR, MDR, Threat Hunting, Python, Bash, SQL, AWS, Azure, GCP, MITRE ATT&CK, Splunk, QRadar, CrowdStrike, Microsoft Defender, Palo Alto, Datadog. Roles & Responsibilities: Investigate security incidents related to network traffic, IAM violations, and unauthorized access. Analyze security detection rules, alerts, and correlation logic to identify malicious activities. Conduct threat hunting activities to proactively identify potential threats within the environment. Participate in incident response efforts, including containment, eradication, and recovery. Collaborate with the software development & SRE teams. Onboard customers and guide them through integration with MDR platforms. Ensure customer satisfaction and provide strategic security recommendations. This is a fully onsite role that requires high availability and proactive engagement. On-call/rotational work required. Experience Requirement: 3-8 years of experience in cybersecurity operations and advanced threat detection. Experience with SIEM platforms, Security orchestration platforms (SOAR), or specialized MDR providers such as Splunk, QRadar, CrowdStrike Falcon, Datadog, SentinelOne, Microsoft Defender, Palo Alto Cortex XDR, Panther, etc. Experience with threat hunting methodologies. Experience with databases and SQL. Scripting experience with Python and Bash. Ability to work in a team and in a 24/7 environment. Good written and verbal communication skills. MITRE ATT&CK framework knowledge is a plus. Cybersecurity certifications are a plus. Education: Any Graduation.

Job Description 5 to 7 years of relevant experience in cybersecurity and endpoint security operations. Job Description Lead advanced threat detection, incident response, and endpoint security using Carbon Black EDR. Investigate security incidents, analyze alerts, and identify root causes. Optimize EDR policies, SIEM rules, and develop custom queries for better detection. Mentor and guide junior analysts (L1/L2) in cybersecurity operations. Collaborate with threat intelligence teams to stay updated on emerging threats. Skills Required RoleOfficer-Microsoft Defender SME Industry TypeBanking Functional AreaITES/BPO/Customer Service Employment TypeFull Time, Permanent Role CategoryInformation Technology Key Skills CYBER SECURITY MICROSOFT DEFENDER Other Information Job CodeGO/JC/21345/2025 Recruiter NameRamya,

At Dark Matter Technologies, you are at the forefront of a tech-driven revolution in loan origination. The commitment to cutting-edge AI and origination technology solutions is reshaping the industry landscape, illuminating a path towards seamless, efficient, and automated experiences. Driven by Empower, the cutting-edge all-in-one LOS, and a suite of innovative Origination Technologies, you provide end-to-end solutions that fully serve the mortgage origination process. Dark Matter Technologies is owned by Constellation Software Inc. (TSX:CSU). As a SOC Lead with 8+ years of experience, your job location will be in Hyderabad & Bhubaneswar with shift timings from 5:30 PM to 3:00 PM IST. Your responsibilities will include monitoring and investigating security alerts, maintaining and tuning security tools under InfoSec purview, researching and providing gap analysis of current security event processes, acting as a subject matter expert and mentor to junior team members, and driving root-cause analysis to common security events. To qualify for this position, you should have an associate or bachelor's degree in computer science, Information Technology, System Administration, or a closely related field; or equivalent work experience. A minimum of 10+ years of experience working in a Security Operations Center (SOC) is required, along with sound working knowledge of security operations and security investigation best practices. Experience in monitoring and handling Endpoint Detection and Response (EDR) and Incident Detection and Response (IDR) alerts and events, as well as experience monitoring and handling Microsoft Defender portal and Purview alerts and events, is crucial. Exceptional customer service, strong project management, and team management skills are necessary, with a history of managing direct reports. You should be highly self-motivated and directed, with keen attention to detail, able to work within a diverse geographically distributed team, willing to adjust work schedules to accommodate business needs, perform in cross-functional teams, adapt to different cultures, be on-call, work extended hours as needed, align with the US Eastern time zone (8 am to 5 pm), and possess strong English written and verbal skills. If you believe you are the ideal candidate for this position, we look forward to receiving your complete application documents (Resume, Salary details, and references) at sreedevi.choudhury@dmatter.com. Get empowered by Dark Matter Technologies!,

Job Discribtion: Global Security Operation Center (GSOC) KPMGs Global Security Operations Centre (GSOC) is internal SOC team supporting KPMG member firms to detect and respond to cyber-attacks to KPMG across locations. GSOC Operation – Monitoring & Alerting (M&A) GSOC – Engineering Services (ES) – SIEM technology management including onboarding /off-boarding /content update. Role & REsPonsibilty – Analyst (Monitoring & Alerting) Actively monitoring, analysing & escalating SIEM alerts based on correlation rules, Email protection alerts & malware analysis, Provide inputs for proactive content fine tuning & use case enablement, Active threat hunting on network flow, user behaviour & threat intelligence, Phishing email analysis for MFs, Raising incidents in Pastebin inte Should be familiar with Domain Knowledge (Cyber Security), Threat Hunting, SIEM- Azure Sentinel, SIEM - (RSA / Splunk / LogRhythm), Python Scripting, Windows Active Directory, Operating systems and servers. Ability to Triage and assignment Incident Handling. Ability to Follow Playbooks instructions- Incident Response Playbooks Ability to Comprehend Logs (HTTP, SMTP, Network) (Under guidance) Understand and imbibe current SOC process Perform quality assessment on SOC operations being performed as per existing process Record and deviations identified into tracking tool(s)/spreadsheets Perform follow-ups with respective error owners to mitigate process deviations Identify process deviations, Summarize and generate trends, patterns into process deviations / errors observed. Perform RCA into observed errors / trends and generate recommendations for process improvement Generate personnel specific recommendations for performance enhancement Contribute in overseeing quality assessment process for multiple SOC verticals In-line alignment with SOC operations for quick-detection / prevention of process deviations Support as QA touchpoint in critical cyber incidents to enhance quality of service Assessment of investigation report with assertions, evidences and recommended actions Communicate effectively and collaborate with teams in different geographie

Microsoft Azure expertise -cloud with secure architecture, Azure Defender for Cloud and centralized Cloud Security Posture Management experience, Proven track record in risk assessments, vulnerability management, and security strategy development,

Job Roles and Responsibilities : Setting up Encryption using Technologies such as Voltage, Secupi, Microsoft Purview Understanding Key Management framework and best practices around Bring Your Own Key and Hold Your Own Key. Setting up DLP Policies in Microsoft Defender for Cloud Apps (CASB) , Microsoft Defender for Endpoint and Microsoft Purview Assisting the Implementation of Data Loss Prevention and guide on unit testing, and support documentation; Knowledge/Skills Demonstrable knowledge of information security best practices Background in networking, data security and cloud-based applications. Experience with distributed computing platforms for high-scale systems.

About the Department The IT department at TresVista is a critical function in running the business successfully. It is responsible for managing and maintaining the company's technology infrastructure and systems, including hardware, software, and networks. The IT department also works to ensure that technology is used effectively and efficiently to support the organization's operations and goals. Roles and Responsibilities Planning, organizing and controlling the operations of TresVistas information systems Review of IT products and services Recommending and implementing future planning and development of IT infrastructure resources Troubleshooting as required, which further leads to problem-solving efforts often involving outside vendors and other support personnel and organizations Administering and supporting core Microsoft, Cisco, Citrix, and VMware technologies Ensure timely resolution of IT incidents and problems, and implement preventive measures Assisting with hardware, firewall, telecom, and software vendor evaluation, recommendation, and negotiations Leading and mentoring IT staff, including hiring, training, and performance management Liaising with department heads to discuss system requirements, specifications, costs and timelines Managing and coordinating vendors to design, develop, implement and maintain the internal ERP systems Researching current and potential resources and services based on the requirements of a growing firm Keeping abreast of the latest developments in information process technologies Managing helpdesk, employee lifecycle, asset management, and access management Prerequisites: Experience in infrastructure architecture, data centers, servers, and networks Microsoft (MCSE, MCITP), Cisco (CCNA, CCNP), ITIL Foundation or equivalent certifications would be preferred Managing large scale Citrix/2X/Terminal Server installations A solid understanding of LAN/WAN networking, Microsoft Intune, Microsoft Exchange, EPP, and Microsoft Defender Group Policy design and configuration SOC2, ISO 27001 and 22301 audit knowledge would be preferred Strong knowledge of multiple technologies including but not limited to Servers, Virtualization, VMWare, Hyper-Converged Infrastructure, SAN, TCPIP, Office365, UTM, Symantec, wireless LAN, Citrix, etc Experience: 5 - 8 years of relevant work experience Education: Any Graduate Compensation: The compensation structure will be as per industry standar

About the Department The IT department at TresVista is a critical function in running the business successfully. It is responsible for managing and maintaining the company's technology infrastructure and systems, including hardware, software, and networks. The IT department also works to ensure that technology is used effectively and efficiently to support the organization's operations and goals. Roles and Responsibilities Planning, organizing and controlling the operations of TresVistas information systems Review of IT products and services Recommending and implementing future planning and development of IT infrastructure resources Troubleshooting as required, which further leads to problem-solving efforts often involving outside vendors and other support personnel and organizations Administering and supporting core Microsoft, Cisco, Citrix, and VMware technologies Assisting with hardware, firewall, telecom, and software vendor evaluation, recommendation, and negotiations Leading and mentoring IT staff, including hiring, training, and performance management Ensure timely resolution of IT incidents and problems, and implement preventive measures Liaising with department heads to discuss system requirements, specifications, costs and timelines Managing and coordinating vendors to design, develop, implement and maintain the internal ERP systems Researching current and potential resources and services based on the requirements of a growing firm Keeping abreast of the latest developments in information process technologies Managing helpdesk, employee lifecycle, asset management, and access management Prerequisites: Experience in infrastructure architecture, data centers, servers, and networks Microsoft (MCSE, MCITP), Cisco (CCNA, CCNP), ITIL Foundation or equivalent certifications would be preferred Managing large scale Citrix/2X/Terminal Server installations A solid understanding of LAN/WAN networking, Microsoft Intune, Microsoft Exchange, EPP, and Microsoft Defender Group Policy design and configuration SOC2, ISO 27001 and 22301 audit knowledge would be preferred Strong knowledge of multiple technologies including but not limited to Servers, Virtualization, VMWare, Hyper-Converged Infrastructure, SAN, TCPIP, Office365, UTM, Symantec, wireless LAN, Citrix, etc Experience: 4 - 6 years of relevant work experience Education: Any Graduate Compensation: The compensation structure will be as per industry standar

About the Role: We are seeking a Senior Support Engineer with over 5 years of experience in providing technical support and administration for Microsoft Office 365 environments. The ideal candidate will handle escalated issues, perform advanced troubleshooting, assist with migrations, and contribute to the continuous improvement of our O365 support processes. Key Responsibilities: Provide advanced Tier 2/3 support for Office 365 services, including Exchange Online, SharePoint, OneDrive, Teams, and Azure AD. Troubleshoot complex issues related to email flow, mailbox management, authentication, and O365 applications. Manage user provisioning, licensing, security groups, and permissions in Microsoft 365 Admin Center. Assist with migrations from on-premise Exchange or other mail platforms to Office 365. Support and maintain hybrid Exchange environments if applicable. Implement and manage security and compliance configurations, including MFA, conditional access, and DLP policies. Document procedures, configurations, and knowledge articles for recurring issues. Work closely with clients and internal teams to ensure timely resolution of support requests. Provide training and guidance to junior support staff on O365 troubleshooting and best practices. Participate in the on-call rotation and after-hours support as needed.

Role & responsibilities This position is responsible for seamlessly onboarding new customers to Defender XDR platform. The specialist will work closely with clients to ensure a smooth and efficient onboarding process, including pre-installation checks, post-installation verification, and ongoing support Required Skills and Qualification: Hands-on experience with Microsoft Defender XDR deployment , configuration and admin knowledge on Defender 365 portal Hands-on experience in policy configuration/deployment through Intune, Group Policy and PowerShell across different products of Defender XDR like for MDE(Real time Protection, Cloud Protection, Tamper Protection, Attack Surface Reduction(ASR), AIR( Automated investigation and response ),NLA (Network Level Authentication) MDO(Unified Audit, Safe Link policies, Safe attachment policies ,Anti-Malware policies, Anti-Spam policies, Anti-phishing policies, Outbound Forwarding policies), MDI(Identity Sensor installation Microsoft Defender for Cloud Apps (Office 365 Connector, MDE integration) and for Entra ID(Multifactor Authentication).Candidate should have a clear understanding of the use cases for these features and be able to explain them effectively. Candidate should be able to articulate and explain the impact and benefits of all policies with configuration steps for different products of XDR Candidate should be well versed with Defender for endpoint using Intune and should have understanding of Configuration Manager and able to pull-out assets inventory. Experience with MDE policies and conditional access policies Experience with onboarding of XDR products, platform and its configurations Proficient in creating and tuning configuration policies, detection rules and analytics across Microsoft Defender XDR products Solid Understanding of Microsoft security architecture, licensing, networking, including Zero trust. Maintain clear and consistent communication with clients and possess excellent communication, interpersonal and problem-solving skills Ability to work independently and as part of a team.

Role: Microsoft Defender/MAC Endpoint Vulnerability Management Specialist Role Summary: He/She will be responsible for managing vulnerability remediation activities using Microsoft Defender, with a strong focus on endpoint security and management. Additionally, should possess expertise in Mobile Device Management (MDM) solutions such as Intune, and demonstrate advanced troubleshooting skills at the Windows OS level. Scripting knowledge is considered a plus. Location: Bangalore Preferred Duration: 3 Months(Extendable Project) Date : Immediate Joining also preferred Key Responsibilities: - Review vulnerabilities report, analyze the solutions available and execute vulnerability remediation activities using Microsoft Defender. - Collaborate with the Security Team to assess vulnerabilities and implement mitigation strategies. - Manage endpoint security configurations and policies through Microsoft Defender. - Implement solutions through Mobile Device Management solutions, Intune/WS1/SCCM. - Develop policies as required in collaboration with Product Owners and Security team. - Provide L3 level support for Windows OS-related issues. - Diagnose complex system problems and work towards resolution swiftly. - Utilize scripting languages (e.g., PowerShell) to automate or deploy solutions as needed. - Develop scripts to enhance monitoring capabilities or streamline solution deployment processes. - Maintain comprehensive documentation of processes, incidents, resolutions, and changes implemented. Qualifications: - Proven experience in managing Microsoft Defender Endpoint solutions. - Expertise in MDM tools like Intune/WS1/SCCM. - Strong troubleshooting skills at the Windows OS level. - Proficiency in scripting languages such as PowerShell. - Excellent analytical skills with attention to detail. - Strong communication skills; ability to collaborate effectively with cross-functional teams. - Ability to work independently while managing multiple priorities efficiently. - Work experience with monitoring tools like Nexthink is an advantage.onsibilities

Key Responsibilities Act as an escalation point for high/critical severity incidents and perform thorough investigations. Analyze TTPs (Tools, Techniques, and Procedures) to identify attack vectors and lifecycle stages. Recommend improvements to security controls and organizational security hygiene. Conduct threat hunting and IOC/APT detection through advanced log analysis. Collaborate with clients security teams and internal teams for incident resolution and documentation. Identify process gaps and propose enhancements for the incident response lifecycle. Create, maintain, and improve runbooks, playbooks, and incident response processes. Actively participate in war room discussions, executive briefings, and team meetings. Must-Have Skills Minimum 3+ years of experience as a SOC L3 Analyst in a global SOC environment. Hands-on experience with SIEM tools such as Microsoft Sentinel, including rule writing in KQL and Use Case development. Strong incident response skills and experience writing response procedures and playbooks. Expertise in advanced threat detection, forensic investigation, and root cause analysis. Knowledge of threat hunting techniques and familiarity with attacker TTPs and MITRE ATT&CK framework. Experience with security monitoring, log analysis, and network traffic inspection. Ability to resolve and escalate incidents and provide detailed post-mortem analyses. Excellent communication and documentation skills for cross-functional collaboration. Good-to-Have Skills Familiarity with Use Case Factory and Managed Detection & Response (MDR) operations. Exposure to various security tools, including EDRs, vulnerability scanners, and SOAR platforms. Experience in training junior analysts and creating knowledge-sharing materials. Prior experience working in global customers/ MSSP environments with multiple customers.

DESIGNATION: SENIOR CONSULTANT MICROSOFT SECURITY EXPERIENCE : 6+ years Key Responsibilities Solution Design & Implementation Design and deploy Microsoft Intune for device compliance, application management, and policy enforcement across Windows, macOS, iOS, and Android platforms. Implement Microsoft Defender for Endpoint, Defender for Identity, Defender for Office 365, and Microsoft Sentinel integrations for proactive threat protection. Configure and optimize Microsoft Entra ID (Azure AD) including conditional access, identity protection, MFA, SSO, and RBAC strategies. Lead zero trust architecture and endpoint protection projects aligned with customer security goals. Client Engagement & Advisory Collaborate with clients to assess current security posture and define Microsoft-centric security roadmaps. Deliver technical workshops, assessments, and POCs for Intune, Defender, and Entra ID solutions. Serve as a trusted advisor for Microsoft Security best practices, compliance (e.g., ISO27001, GDPR), and governance. Operations & Support Support teams in incident investigation and remediation using Microsoft tools. Ensure documentation of architectures, designs, policies, and procedures. Required Skills & Experience 6+ years of hands-on experience in Microsoft Security technologies. Expertise in deploying and managing: Microsoft Intune / Endpoint Manager Microsoft Defender Suite (MDE, MDI, MDO, Defender for Cloud Apps) Microsoft Entra ID / Azure AD (Identity Governance, PIM, Conditional Access) Deep understanding of endpoint protection , identity lifecycle management , device compliance , and modern workplace security . Strong experience with PowerShell scripting , custom compliance policies, and automation. Familiarity with Microsoft 365 E5 Security Suite , Microsoft Sentinel , and Zero Trust Architecture . Excellent communication and documentation skills; ability to present to both technical and executive stakeholders. Preferred Qualifications Microsoft Certifications such as: SC-300: Microsoft Identity and Access Administrator SC-400: Information Protection Administrator MD-102: Endpoint Administrator SC-200: Security Operations Analyst . Knowledge of integration with third-party MDM, SIEM, or IAM solutions.