Key Responsibilities:

Cloud & Infrastructure Security:

• Design and deploy secure network, infrastructure, and Azure cloud architectures using Defender for Cloud, Sentinel, Entra ID, and Purview.
  
• Embed security into DevOps/CI-CD pipelines via automation using Logic Apps, PowerShell, and KQL.
  
• Select, integrate, and optimize security tools including SIEM/SOAR platforms, firewalls, EDR, and DLP solutions.
  

Security Operations & Incident Response:

• Configure and tune detection rules, analytics, and workbooks in Microsoft Sentinel.
  
• Build automated playbooks for common security incidents to streamline response.
  
• Lead triage, investigation, and root-cause analysis of alerts from Defender and Sentinel.
  
• Leverage AI and automation tools to enhance threat detection, monitoring, and incident response.
  

Collaboration & Continuous Improvement:

• Work closely with cross-functional teams to ensure security best practices are applied across infrastructure and applications.
  
• Continuously improve SOC processes and incident response playbooks leveraging AI-driven analytics.
  

Technical Skills:

• Deep expertise in Microsoft Sentinel, Defender for Endpoint/Identity/Cloud Apps, Entra ID, Purview, and Defender for Cloud.
  
• Scripting and automation: PowerShell, KQL, Azure Logic Apps.
  
• Strong understanding of network security, application security, and vulnerability management.
  
• Familiarity with Security Copilot, AI-driven security tools, and Microsoft 365 Copilot.