Microsoft Defender Security Consultant - Contract

Posted Today by Jobserve

£500 Per day
Outside IR35
Hybrid
Birmingham

Summary: The Microsoft Defender Security Consultant role involves enhancing and optimizing threat detection and response capabilities within Microsoft Defender and Sentinel environments. The consultant will focus on developing high-fidelity detection use cases, reducing false positives, and improving security monitoring efficiency. This position requires a strong background in Microsoft security tools and collaboration with SOC teams. The contract is for three months with potential extensions, based in Birmingham with a hybrid working arrangement.

Key Responsibilities:

  • Design and develop high-quality, high-fidelity threat detection use cases
  • Write and optimize detection rules within Microsoft Sentinel using KQL
  • Review and analyze existing security incidents to identify tuning and whitelisting opportunities
  • Reduce alert fatigue by refining detections and eliminating false positives
  • Map detection logic to known attack methods and adversary techniques
  • Modify and align detection rules between Microsoft Sentinel and Microsoft Defender
  • Collaborate with SOC teams to enhance monitoring and response capabilities
  • Provide recommendations for improving overall security posture

Key Skills:

  • Strong hands-on experience with Microsoft Defender (Defender for Endpoint, Identity, Cloud, etc.)
  • Advanced Microsoft Sentinel experience, including KQL query writing (equivalent to Level 3 SOC Analyst)
  • Proven experience in building and tuning threat detection use cases
  • Solid understanding of attack techniques and threat landscapes
  • Experience in incident analysis, alert tuning, and false positive reduction
  • Ability to translate security requirements into effective detection rules

Salary (Rate): £500 per day

City: Birmingham

Country: United Kingdom

Working Arrangements: hybrid

IR35 Status: outside IR35

Seniority Level: Mid-Level

Industry: IT

Detailed Description From Employer:

Job Title: Microsoft Defender Security Consultant

Contract Type: Contract (Outside IR35)

Rate: £500 per day outside IR35

Duration: 3 months (with possible extensions)

Location: Birmingham (two days per week in the Birmingham office and three days per week working from home)

We are seeking an experienced Microsoft Defender Security Consultant to support the enhancement and optimization of threat detection and response capabilities. The role focuses on developing high-fidelity detection use cases, reducing false positives, and improving overall security monitoring efficiency within Microsoft Defender and Sentinel environments.

Preferred Skills:

  • Experience working in a Security Operations Centre (SOC) environment
  • Knowledge of threat hunting and proactive detection strategies
  • Relevant Microsoft security certifications

Key Outcomes:

  • Improved detection accuracy and reduced false positives
  • Enhanced SOC efficiency through optimized alerting
  • Well-documented and actionable detection use cases
  • Strong alignment between Defender and Sentinel detection capabilities