Senior Associate - Security & Compliance Analyst

Quick Take -

We are seeking a skilled and detail-oriented Senior Associate- Security and Compliance Analyst with expertise in Microsoft Defender products to join our dynamic security operations team. In this role, you will be responsible for managing and monitoring the organization's security infrastructure, identifying potential threats, and responding to incidents using Microsoft Defender solutions. Your expertise will help safeguard the organization’s critical data and systems, ensuring security across the entire IT environment.

 The Work -

Security Monitoring & Incident Response:
Actively monitor security alerts, events, and incidents generated by Microsoft Defender for Endpoint, Microsoft Defender for Identity, Microsoft Defender for Office 365, Microsoft Defender for Cloud Apps and other related Microsoft Defender products.
Threat Detection & Analysis:
Utilize Microsoft Defender's threat detection tools to identify and analyze security incidents, conduct triage of security alerts, and provide detailed reports on findings and next steps.
Vulnerability Management:
Conduct vulnerability assessments and apply patches using Microsoft Defender Vulnerability Management, ensuring proactive remediation of security risks and vulnerabilities.
Security Operations & Reporting:
Generate actionable security reports and metrics based on activity within Microsoft Defender solutions. Track incidents, provide status updates, and maintain effective incident documentation.
Collaboration & Communication:
Work closely with internal teams to respond to security events, and provide guidance on remediating potential risks. Collaborate with IT teams for patching, incident resolution, and the continuous improvement of security posture.
Policy Enforcement & Best Practices:
Assist in developing and enforcing security policies and procedures related to Microsoft Defender security products. Recommend best practices to enhance system security and performance.
Automation & Optimization:
Work on automation efforts and optimize security processes within Microsoft Defender products to improve efficiency and incident response times.
Security Awareness & Training:
Help improve internal security awareness and best practices by creating or contributing to training content on Microsoft Defender and general security best practices.

The Must-Haves - 

Technical Skills:
Proficient in using Microsoft Defender Security Center for monitoring, responding, and managing security incidents.
Strong understanding of endpoint security, threat detection, vulnerability management, and cloud security principles.
Experience with PowerShell scripting and automation in Microsoft Defender products is a plus.
Familiarity with security incident handling, incident response (IR) methodologies, and root cause analysis.
Certifications (preferred):
Microsoft Certified: Security Operations Analyst Associate (SC-200)
Microsoft Certified: Security, Compliance, and Identity Fundamentals (SC-900)
CompTIA Security+, Certified Information Systems Security Professional (CISSP), or other relevant security certifications.
Analytical & Problem-Solving Skills:
Strong ability to identify, analyze, and mitigate security threats and vulnerabilities using Microsoft Defender tools.
Exceptional troubleshooting and problem-solving skills with attention to detail.
Communication:
Excellent written and verbal communication skills for preparing incident reports and conveying technical information to non-technical stakeholders.
Collaboration & Teamwork:
Ability to work in a collaborative environment with IT, engineering, and other teams to address security challenges effectively.
Experience with other Microsoft Security & Compliance products, such as Microsoft Sentinel, Microsoft Defender for Cloud, and Microsoft 365 Defender.
Knowledge of security frameworks (NIST, CIS, etc.) and experience with SOC operations is a plus.
Familiarity with SIEM platforms (e.g., Microsoft Sentinel) and integration with Defender products.