Be an early applicantLess than 25 applicants

This job has closed.

Company

SecureKloud Technologies · 3 hours ago

Security Analyst with MS Defender and Vulnerability Management - REMOTE USA

United States

Contract

Remote

Senior Level, Lead/Staff

8+ years exp

Maximize your interview chances

Professional ServicesSoftware

H1B Sponsor Likely

Hiring Manager

Senthil Babu R.

Insider Connection @SecureKloud Technologies

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Administer and configure Microsoft Defender for Endpoint, Identity, and Cloud to detect, investigate, and respond to security incidents.

Monitor and analyze security alerts and incidents using Microsoft Defender and other SIEM platforms.

Configure and optimize Defender policies and rules to ensure comprehensive threat coverage.

Maintain up-to-date knowledge of the latest Microsoft Defender features, tools, and capabilities.

Conduct vulnerability assessments using Microsoft Defender Vulnerability Management and other vulnerability scanning tools.

Identify and prioritize security risks and vulnerabilities within the organization's IT infrastructure.

Collaborate with IT and development teams to ensure timely remediation of vulnerabilities.

Generate vulnerability reports and track resolution progress.

Conduct regular patch management to ensure the organization remains protected from known threats.

Design, create, and implement security use cases in Microsoft Defender to detect threats and reduce false positives.

Collaborate with threat intelligence teams to ensure use cases reflect the latest threat landscape and attack techniques.

Continuously review and update security use cases based on evolving security threats and vulnerabilities.

Integrate security use cases into SIEM systems to automate alerts and response actions.

Perform root cause analysis and post-incident reviews to refine security use cases.

Assist in the investigation of security incidents and provide detailed reports on findings and remediation actions.

Provide recommendations for improving security posture and mitigating risks.

Communicate effectively with both technical and non-technical teams to ensure appropriate incident handling.

Work closely with other teams such as IT, Risk, Compliance, and Development to ensure security policies are adhered to across the organization.

Provide training to staff on best practices for vulnerability management and security posture improvement.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Microsoft DefenderVulnerability ManagementSIEM systemsSecurity Use Case DevelopmentCybersecurityVulnerability Scanning ToolsScriptingAutomationCloud Security ConceptsNIST FrameworkCIS FrameworkISO 27001QualysTenableOWASP Top 10CVEsPowerShellPythonAzureAWSCISSPCEHGCVA

Required

8+ years of experience in cybersecurity, with a focus on vulnerability management, security monitoring, or incident response.

Hands-on experience with Microsoft Defender (Defender for Endpoint, Identity, and Cloud).

Familiarity with vulnerability management tools and platforms (e.g., Qualys, Tenable, etc.).

Proven experience in creating and implementing security use cases and alerts in SIEM systems (preferably Microsoft Sentinel or similar tools).

Strong understanding of common attack vectors, vulnerabilities, and exploitation techniques (e.g., OWASP Top 10, CVEs, etc.).

Strong knowledge of security best practices and frameworks (NIST, CIS, ISO 27001, etc.).

Excellent written and verbal communication skills.

Ability to work independently and as part of a team in a dynamic environment.

Detail-oriented with strong analytical and troubleshooting skills.

Preferred

Microsoft Certified: Security, Compliance, and Identity Fundamentals (SC-900)

Microsoft Certified: Azure Security Engineer Associate (AZ-500)

Certified Information Systems Security Professional (CISSP)

Certified Ethical Hacker (CEH)

GIAC Certified Vulnerability Assessor (GCVA)

Proficiency in scripting and automation (PowerShell, Python, etc.) is a plus.

Experience with SIEM and other security monitoring solutions.

Familiarity with cloud security concepts (Azure, AWS, etc.) is a plus.

Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent work experience).

Company

SecureKloud Technologies

Being a cloud-native company, SecureKloud enables digital transformation for global enterprises to help you navigate the new world.

Founded in 2012

Pleasanton, California, USA

201-500 employees

https://www.securekloud.com

H1B Sponsorship

SecureKloud Technologies has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2023 (10)

2022 (22)

2021 (21)