
Microsoft Defender XDR Specialist

Guidant Global
Posted 8 hours ago, valid for 14 days
Location

London, Greater London EC1R 0WX

Salary

£650 - £750 per day

Contract type

Full Time


Sonic Summary

  • The job title is Microsoft Defender Specialist, offering a hybrid work model that requires weekly travel to the London office.
  • This is a 6-month contract position with a salary range of £650-750 per day and benefits including accrued holidays starting at 28 days, increasing to 33 days after 12 weeks.
  • The role requires expertise in deploying and managing Microsoft Defender solutions, along with the ability to automate security processes and maintain comprehensive documentation.
  • Candidates should have significant experience with Microsoft Defender for Cloud Apps, Identity, Office 365, and Endpoint, as well as security automation skills.
  • Preferred certifications include Microsoft Certified: Cybersecurity Architect Expert and Microsoft Certified: Security Operations Analyst Associate.

Job Title: Microsoft Defender Specialist

Job type: Hybrid (travel to London office once a week)

Duration: 6 months (possible extension)

Salary: £650-750/day

Onsite parking. Holidays are accrued for PAYE contractors, starting at 28 days and increasing to 33 days after 12 weeks.

Job Description

We are seeking a highly skilled Microsoft Defender XDR Specialist to join the Cyber Defence team, reporting directly to the Global Head of Microsoft Security Platforms and SOC Operations. In this pivotal role, you will lead the deployment, management, and optimisation of Microsoft's advanced security solutions, focusing on Microsoft Defender for Cloud Apps, Defender for Identity, Defender for Office 365, and Defender for Endpoint.

You will play a critical role in designing and implementing scalable Microsoft security architectures, driving automation in threat detection and response, and maintaining comprehensive process documentation to enhance the overall security posture. Integration with Microsoft Sentinel for centralised threat detection and incident response will also be a key focus of this role.

Key Responsibilities:

Microsoft Defender XDR Implementation & Management

  • Deploy, configure, optimise and manage the Microsoft Defender XDR suite, with key focus on Defender for Cloud Apps (MDA).
  • Follow best practices to optimise and configure already deployed Defender for Identity (MDI), Defender for Office 365 (MDO), and Defender for Endpoint (MDE).
  • Implement security controls and threat protection policies to secure endpoints, identities, cloud applications, and collaboration tools.
  • Develop and enforce security baselines, policies, and procedures for proactive threat management across the Microsoft XDR product suite.

Security Automation & Orchestration

  • Develop and implement automation workflows and playbooks using Microsoft Sentinel and Logic Apps to streamline incident response and remediation.
  • Automate security monitoring, alerting, and remediation processes across Defender solutions to reduce manual workloads and response times.
  • Identify opportunities to automate repetitive security tasks and optimise threat detection and response processes.

Process Documentation & Knowledge Sharing

  • Create and maintain detailed process documentation, standard operating procedures (SOPs), and security runbooks for Defender XDR configurations, incident response, and automation workflows.
  • Document integration workflows between Defender XDR solutions and Microsoft Sentinel.
  • Provide training and guidance to security teams on using Defender tools and automated processes.

Threat Detection & Incident Response

  • Advise on threat detection, investigation, and response activities leveraging Defender XDR and Sentinel.
  • Analyse security alerts, contribute to investigation of incidents, and implement mitigation strategies.
  • Provide support to the Global SOC, Threat Intelligence, Insider Threat and Threat Hunting teams.

Collaboration & Continuous Improvement

  • Collaborate with cross-functional teams (GRC, Cyber Offence, Enterprise Tech and more) to align security strategies with business objectives.
  • Stay current on emerging threats, Microsoft security technologies, and industry trends to recommend continuous improvements.

Must-Have Skills:

  • Microsoft Defender for Cloud Apps (MDCA):
      ◦ Expertise in configuring and managing cloud security policies for SaaS applications.
      ◦ Experience in shadow IT discovery, governance, and compliance enforcement.
      ◦ Ability to design custom policies for anomaly detection and risk mitigation.
      ◦ Strong understanding of session controls and conditional access app controls.
  • Microsoft Defender for Identity (MDI):
      ◦ Proficiency in detecting and responding to identity-based threats (e.g., lateral movement, pass-the-hash, domain dominance).
      ◦ Experience integrating MDI with Sentinel for automated identity threat response.
  • Microsoft Defender for Office 365 (MDO):
      ◦ Expertise in anti-phishing, anti-malware, and Safe Links/Safe Attachments policies.
      ◦ Experience with automated investigation and remediation (AIR) and attack simulation training.
  • Microsoft Defender for Endpoint (MDE):
      ◦ Strong knowledge of endpoint detection and response (EDR), threat and vulnerability management.
      ◦ Experience with automated threat response, configuration management, and endpoint hardening.
  • Microsoft Security Architecture:
      ◦ Proven experience designing secure Microsoft 365 and Azure environments.
      ◦ In-depth knowledge of Zero Trust security models, conditional access, and compliance controls.
      ◦ Experience integrating Microsoft Defender solutions with Microsoft Sentinel for SIEM/SOAR operations.
  • Security Automation:
      ◦ Hands-on experience with Logic Apps, KQL queries, and Sentinel playbooks for security automation.
      ◦ Ability to design and deploy automated incident response workflows and threat intelligence feeds.
  • Process Documentation:
      ◦ Strong documentation skills for creating runbooks, SOPs, and security process workflows.
      ◦ Ability to translate technical solutions into clear, actionable documentation for security teams.

Beneficial Skills:

Security Operations & Microsoft Sentinel:

  • Experience with Microsoft Sentinel for SIEM/SOAR operations, including custom analytics rules, alert tuning, and incident management.
  • Familiarity with the MITRE ATT&CK framework and threat intelligence integration.

General Security Skills:

  • Understanding of compliance standards (ISO 27001, NIST, GDPR, CIS).
  • Experience with vulnerability management and risk assessments.

Certifications (Preferred):

  • Microsoft Certified: Cybersecurity Architect Expert (SC-100)
  • Microsoft Certified: Security Operations Analyst Associate (SC-200)
  • Microsoft Certified: Azure Security Engineer Associate (AZ-500)
  • Microsoft Certified: Identity and Access Administrator Associate (SC-300)
