• Implementation and support of Microsoft security products - primarily Defender, Sentinel SIEM as well as other adjacent security suite technologies • Designing and refining engineering standards and best practices • Conduct periodic Microsoft tenant health check assessments, audits, and architecture reviews • Work alongside SOC Analysts to improve security event detection capability • Research and implement new technologies that can be used within the SOC • Deploy automation throughout the SOC to improve the overall operational effectiveness of the SOC • Assisting with the triage and resolution of incidents alongside others • Draft reports and customer-facing documents to a high standard • Stay up to date with the latest cyber vulnerabilities and maintain an understanding of how Microsoft technologies can be used to protect clients • Assist with the development of more junior members of the team where required.

• Monitoring, analyzing and coordinating the handling of security incidents • Creating and reviewing rules and exceptions in customer environments • Documenting and reporting security incidents • Independent threat hunting based on defined hypotheses and procedures • Developing and improving security strategies and recommendations • Communicating with customers

• Work as part of a team to implement an organised approach to addressing and managing security requests, breaches or cyberattacks • Perform first responder and triage activities to assess the potential risk

• Triage security events and incidents • Monitor the SIEM to identify anomalies and potential security threats • Participate in evaluating the security of monitored infrastructure systems