Microsoft Detection Engineer L1

Thanks for the click. We know your time is valuable so we will get right to it.

We’ve amassed some of the best and brightest minds in cyber security who are passionate about protecting the digital world. Our team blends advanced technology alongside deep expertise to tackle the toughest cyber threats out there. Put simply, our mission is to stay ahead of the curve and create a safer digital landscape for our partners, and we think adding a Microsoft Detection Engineer Level 1 will up our cyber game.

The Microsoft Detection Engineer will be responsible for proactively identifying, investigating, and mitigating endpoint threats within customer environments using Microsoft security technologies. The role involves leveraging Microsoft Defender, Microsoft Sentinel, and other security solutions to enhance the capabilities of SilverSky's security operations team in detecting and responding to emerging threats.

• Performing proactive threat hunting across Microsoft 365, Azure environments, and on-premises endpoints.
• Working with the security operations team to build runbooks, playbooks and automations around Microsofttechnologies.
• Helping maintain customer Sentinel SIEM environments.
• Training security operations team on becoming more proficient with Microsoft tools and workflows to aid ininvestigations.
• Performing threat hunting exercises within customer environments using Microsoft Defender XDR, Sentinel, and other tools to identify, investigate, and remediate threats.
• Developing and execute custom detection rules and queries in KQL (Kusto Query Language).
• Collaborating with the incident security operations teams to manage and resolve incidents for Microsoft customers in a timely manner.
• Creating and improving threat detection strategies based on intelligence from both internal and external sources.

• In-depth knowledge of Microsoft Defender, Microsoft Sentinel, and Microsoft for Defender Cloud.
• Strong experience with endpoint security, incident detection, and response processes.
• Proficiency in KQL for writing queries, generating reports, and conducting investigations.
• Experience with exposure management and security vulnerability assessment tools.
• Familiarity with Windows, Linux, and mobile endpoint security.
• Understanding of cloud security concepts and Azure services.
• Proven ability to analyze and mitigate complex security threats and incidents.
• Strong problem-solving skills and the ability to work under pressure.
• Excellent communication skills to effectively collaborate with technical and non-technical stakeholders.
• Current Microsoft SC-200 certification is strongly preferred.

In addition to the technical expertise, we expect respect, opinions, and thoughtful input.

If this sounds interesting and you are passionate about redefining how the world thinks about cyber security, we want to hear from you. Apply now if you are interested in learning more about how we can change the rules of engagement, together.

About SilverSky

We are a global cyber security company with more than 20 years of professional experience in the industry. Our 300+ employees are on a mission to protect our customers with comprehensive, adaptive security services that maximize technology and automate responses, while empowering security analysts to hunt for threats, react and respond immediately. It’s the human enhanced response that differentiates SilverSky and allows us to create the most comprehensive managed detection and response (MxDR) solution in the industry by delivering on our Vision, Velocity, Vigilance philosophy. Follow us on LinkedIn and X.