Solutions Lead - Microsoft Defender - Security Operations Center (7-12 yrs)

Job Description :

We are seeking passionate and dedicated professionals to join our expanding Cyber Defence team at WTW, delivering expert services and trusted solutions to all parts of our business. We have an exciting opening for a highly skilled and experienced Microsoft Defender Solutions Lead.

In this role, you will lead a geographically and culturally diverse team of engineers in the Microsoft Security Platforms team aligned to Microsoft Defender Product Suite ensuring the effective operation of Microsoft Security platforms. Reporting to the Global Head of Microsoft Security Platforms and SOC Operations, the Microsoft Defender Solutions Lead role is critical to the success of the Microsoft Security capability within WTW.

This position is ideal for individuals with a proven track record of building and managing engineering teams coupled with a deep technical expertise in the Microsoft Security stack with a focus on Microsoft Defender Product Suite, including extensive experience in rolling out of Defender for CloudApps within a global enterprise and experience in Security Operations Centre (SOC) environments.

As the Microsoft Defender Solutions Lead, you will :

- Manage and oversee the technical administration of the Microsoft Defender Solutions platform.

- Lead and mentor a geographically and culturally diverse team of Microsoft Security Platform engineers, providing guidance, coaching and support to ensure efficient implementation and management of Microsoft Defender Solutions.

- Collaborate closely with Microsoft Security Platforms and SOC operations and Global Head of MS Platforms and SOC Operations to develop, document, implement, optimise detection and response strategies, rules, policies, and procedures.

- Produce a technical roadmap that is aligned to the overall Cyber Defence strategy to enhance WTW's detection, response and investigation capabilities.

- Ensure that defender security policies including conditional access and identity protection are optimised and matured to reduce false positives and increase threat detection efficiency.

- Work with with cross-functional teams, including IT, Cyber Defence, HR, legal, and compliance, to enforce security requirements, policies and standards across Microsoft Defender platform and Solutions.

- Conduct regular assessments of Defender XDR environment to identify opportunities for continuous improvement and future enhancements.

- Provide senior management with regular reports and insights on the performance. effectiveness and future developments of Microsoft Security Defender Solutions

- Identify trends and drive requirements aimed at improving and enhancing existing Defender policies, and report this upward through the security management chain.

Secondary responsibilities :

- Participate in projects that enhance WTW's overall security posture

- Support the Global Head of Microsoft Security Platforms and SOC Operations with other relevant tasks including contributing to audits and regulatory compliance processes

Qualifications :

What you will need :

- In-depth experience managing Microsoft Security solutions within a global enterprise, specifically across the Microsoft Defender solutions.

- Strong technical expertise in the Microsoft Security stack, including Defender for CloudApps, Defender for Endpoint, Defender for Identity, Defender for Office, Conditional Access, Automation and Intune.

- Relevant Microsoft certifications in Microsoft Defender products and cloud security.

- Solid understanding of modern security frameworks, including Zero Trust, and experience with Conditional Access and Identity Protection

- Experience working with security monitoring tools, Microsoft Sentinel and responding to incidents and SOC environment

- Knowledge of data protection laws, regulations, and compliance requirements (e.g., GDPR, CCPA, HIPAA).

- Strong analytical problem-solving skills.

- Excellent communication, leadership, and interpersonal skills, with the ability to effectively collaborate and influence stakeholders at all levels of the organization.

- Must be self-motivated and capable of independent work.

Beneficial :

- Previous experience managing large scale deployments of Defender for CloudApps and Microsoft Defender solutions across global enterprise

- Previous experience with audits such as SOX, SOC2.

- Industry certifications such as Certified Information Systems Security Professional (CISSP), CISA, CISM, Microsoft Security certification (AZ500 and SC 200).

- Experience with SOAR and UEBA