Tier 2/3 Cyber Security Analyst / Microsoft Sentinel/Microsoft Defender
Tasks
- Conduct host and email forensic analysis
- Coordinate incident response and reporting
- Deploy and manage Microsoft Defender for Cloud
- Deploy and manage Microsoft Defender for Endpoint
- Deploy and manage Microsoft Defender for Identity
- Deploy and manage Microsoft Defender for Office 365
- Detect and analyze security incidents
- Develop and tune SIEM analytics rules
- Integrate Sentinel with SOAR and automate response
- Map detections to MITRE ATT&CK and D3FEND
- Operate Microsoft Sentinel and data connectors
- Perform log and network traffic analysis
- Perform threat hunting and intelligence integration
- Serve as escalation point for complex threats
- Write Kusto Query Language queries
Perks/Benefits
- N/A
Skills/Tech-stack
ASR Rules | Conditional Access | D3FEND | Defender for Cloud | Defender for Endpoint | Defender for Identity | Defender for Office 365 | EDR | Entra ID | Forensic analysis | Identity Management | Identity Protection | IoC | KQL | Kusto Query | Kusto Query Language | Logic Apps | Malware analysis | Microsoft Defender | Microsoft Defender for Cloud | Microsoft Defender for Endpoint | Microsoft Defender for Identity | Microsoft Defender for Office | Microsoft Defender for Office 365 | Microsoft Entra | Microsoft Entra ID | Microsoft Sentinel | Mitre Attack | Network Traffic | Network Traffic Analysis | Office 365 | Power Automate | Privileged Identity | Privileged Identity Management | Query Language | SIEM | SOAR | Threat Intelligence | Threat hunting | Traffic analysis
Roles
Analyst | Cyber Security | Cyber Security Analyst | Security Analyst