Senior Cyber Security Operations Analyst who will lead threat detection, investigation, and response activities across Microsoft Defender environments

Our client is seeking a Senior Cyber Security Operations Analyst who will lead threat detection, investigation, and response activities across Microsoft Defender environments.

• 7+ years of experience in cybersecurity operations, threat detection, incident response, or IT security
• Advanced proficiency with the Microsoft 365 Defender suite (Defender for Endpoint, Identity, Cloud Apps, and Office 365)
• Deep expertise in email security protocols (SPF, DKIM, DMARC) and advanced phishing/spoofing threat analysis
• Experience working with SIEM/SOAR platforms for advanced detection, automation, and response (MS Sentinel, Splunk)
• In-depth knowledge of identity-based attack techniques (credential theft, pass-the-hash, Kerberoasting, MFA bypass, OAuth abuse)
• Strong incident response capabilities, including threat hunting, triage, root cause analysis, and remediation planning
• Demonstrated experience in GRC, including policy development, enterprise risk assessments, control design/implementation, and compliance program support
• Strong understanding of security frameworks (NIST CSF, ISO 27001, CIS Controls, SOC 2, ITIL)
• Ability to lead audit activities, assess control gaps, and provide recommendations to improve organizational security maturity