Job Summary: We are seeking a skilled and experienced SIEM Platform Engineer specializing in Microsoft Defender for Endpoint (MDE) at Level 2 and above. The ideal candidate will be responsible for implementing, managing, and maintaining the SIEM environment, focusing on threat detection, incident response, and system optimization within a Microsoft ecosystem.
Key Responsibilities:
- Manage and maintain the SIEM infrastructure, particularly MDE, ensuring optimal performance and uptime.
- Monitor and analyze security alerts and events from various data sources within the Microsoft ecosystem.
- Perform advanced threat hunting, detection, and analysis using MDE and related SIEM tools.
- Develop, tune, and optimize detection rules, dashboards, and reports.
- Investigate and respond to security incidents, conducting root cause analysis and implementing mitigations.
- Collaborate with IT and Security teams to integrate new data sources and refine monitoring strategies.
- Conduct system upgrades, patch management, and version control to maintain security tool effectiveness.
- Document incidents, procedures, and technical configurations.
- Train and mentor junior security analysts in leveraging SIEM and MDE effectively.
Qualifications:
- Bachelor’s degree in computer science, Information Security, or related field (or equivalent experience).
- Minimum of 3-5 years of experience working with SIEM platforms, specifically Microsoft Defender for Endpoint (Level 2 and above).
- Strong understanding of threat detection, incident response, and security operations.
- Proficiency in scripting (e.g., PowerShell, Python) for automation and log parsing.
- Hands-on experience with security monitoring, event correlation, and log management.
- Excellent problem-solving skills and attention to detail.
- Relevant certifications (e.g., Microsoft Certified: Security Operations Analyst, CompTIA Security+, CISSP) are a plus.
Key Competencies:
- Analytical thinking and threat analysis
- Strong communication and collaboration skills
- Adaptability and continuous learning
- Proactive problem-solving
Skills Required
- Bachelor's degree in computer science or related field
- 3-5 years experience with SIEM platforms
- Strong understanding of threat detection
- Proficiency in PowerShell and Python scripting
- Hands-on experience with security monitoring and log management
What We Do
Inspira Enterprise is a global Cybersecurity & Data Analytics & AI services provider with a presence in North America, ASEAN, Middle East, India, and Africa regions. We offer a wide range of services to a host of industries like Banking, Financial Services and Insurance (BFSI), Healthcare, Public Sector, Manufacturing, Information Technology Enabled Services (ITeS) eCommerce, and others. Inspira's cybersecurity services are very extensive ranging from the basic perimeter security to complex incident management and response. Our global partnerships with best of the breed technology providers enable us to offer cutting edge cybersecurity solutions that detect, predict & manage cyber incidents. The 5 state-of-the-art Cyber Fusion Centers (CFCs), help us provide round the clock support to our clients across the globe. Inspira’s Managed Analytics service supports our customer’s IT and Business teams, to bridge data strategies with business outcomes helping them setup a resilient culture that accelerates change with data-driven critical thinking in all aspects of People, Process and Technology implementations and Operations management. To know more, visit us at inspiraenterprise.com
