XDR Security Consultant
Ambit Iberia
AzureCloud
Security Architect – Client Consulting
Cyclotron, Inc.
full-time
Posted on:
Origin: • 🇺🇸 United States
Visit company websiteSalary
💰 $130,000 - $170,000 per year
Job Level
Mid-LevelSenior
Tech Stack
AzureCloud
About the role
- Architect, design, and execute enterprise deployments of Microsoft Defender XDR and Microsoft Sentinel, including Microsoft Defender for Office 365, Microsoft Defender for Endpoint, Microsoft Defender for Identity, Microsoft Defender for Cloud Apps, Microsoft Defender for Cloud, Entra Identity Protection, Microsoft Sentinel, and related Azure security features.
- Serve as subject matter expert working with clients to design and deploy industry-leading solutions to improve protection of Microsoft-based assets in on-premises and cloud environments.
- Use a wide variety of approaches to improve cloud, network and endpoint security posture within client security architectures.
- Generate and execute technical designs based on client requirements to help customers maximize investments in Microsoft technologies and services.
- Work directly with customer teams to drive discovery, design, configuration, validation, piloting, deployment and support of Microsoft cloud and on-premises security capabilities.
- Collaborate across Cyclotron business units to combine threat protection with identity & devices, compliance, and more.
- Contribute to the development of new Threat Protection and SIEM services offered by Cyclotron.
- Engage with other Cyclotron and customer teams to get and share information to improve processes and security posture.
- Lead technical discussions, provide guidance and direction when resolving technical challenges, and produce quality technical deliverables/documentation.
Requirements
- Demonstrated knowledge and skill with Microsoft cloud security solutions and services such as Microsoft Defender for Office 365, Microsoft Defender for Endpoint, Microsoft Defender for Identity, Microsoft Defender for Cloud Apps, Microsoft Defender for Cloud, and Sentinel.
- Strong and demonstrated experience with KQL queries, Attack Simulation services, on-premises Microsoft security solutions including Windows 10 and 11, Windows Server and Active Directory as well as third party solutions used to protect hosts.
- Strong communication skills, experience in leading technical discussions, providing guidance and direction when resolving technical challenges along with demonstrated technical writing experience.
- Experienced/Sr. Level; consulting experience preferred.
- Ability to generate & execute technical designs based on client requirements and lead discovery, piloting, deployment and support efforts.
- Security Operations (SecOps) experience with Microsoft Defender XDR.
- Bonus: History with competitive security tools (Crowdstrike, Cortex, Webroot, Soti, XenMobile, Workspace ONE, Okta, PingFederate, etc.).
- Bonus: Experience with Microsoft Intune, Configuration Manager, Entra ID, Entra ID Connect, SSO and Microsoft Purview capabilities.
- Bonus: Experience with data connectors, data sources, and Logic Apps.
- Bonus: Experience with migration of third party email security applications (Proofpoint, Mimecast, Cisco Secure Email, Tessian and Ironscales).
- Bonus: Currently holds a Microsoft 365 Certified Security Administrator Associate or Azure Security Engineer Associate certification.
- Bonus: Currently holds a Certified Information Systems Security Professional (CISSP) and/or Certified Information Security Manager (CISM).
