Key skills
Microsoft Defender XDRMicrosoft SentinelEntra IDMicrosoft IntuneMicrosoft PurviewKQLMITRE ATT&CK frameworkAzure servicesMicrosoft SC-200 certificationSIEMThreat detectionIdentity managementEndpoint protectionCloud securityAnalyticsAzureIdentity ManagementCommunicationCloud Security
About this role
SilverSky is a global cyber security company dedicated to protecting its customers with comprehensive security services. They are seeking a Microsoft Security Engineer I to help identify, investigate, and mitigate endpoint threats using Microsoft security technologies, while working across the full Microsoft security stack to ensure client safety and compliance.
Responsibilities:
- Assist in preparing client-ready security reports, executive summaries, and monthly posture reviews
- Perform threat hunting exercises within customer environments using Microsoft Defender XDR, Sentinel, and other tools to identify, investigate, and remediate threats
- Help facilitate training for security operations team on becoming more proficient with Microsoft tools and workflows to aid in investigations
- Collaborate with the incident security operations teams to manage and resolve incidents for Microsoft customers in a timely manner
- Create and improve threat detection strategies based on intelligence from both internal and external sources
- Support onboarding of new managed clients onto the Microsoft security stack
- Investigate endpoint, identity, and cloud alerts; perform initial root cause analysis and document findings
- Support Defender XDR configuration across Defender for Endpoint, Identity, Cloud Apps, and Office 365
- Tune detection rules, analytics queries (KQL), and suppression logic to reduce alert fatigue
- Participate in incident response efforts, coordinating with senior engineers and client stakeholders
- Identify repeatable tasks and propose automation solutions to improve team efficiency
Requirements:
- Hand-on experience in cybersecurity, IT, or a Microsoft cloud role (internships and lab experience count)
- Demonstrated familiarity with at least two Microsoft security tools (Sentinel, Defender, Entra ID, Intune, or Purview)
- Understanding of core security concepts: SIEM, threat detection, identity management, endpoint protection, and the MITRE ATT&CK framework
- Experience writing KQL queries — even basic ones — or a clear demonstrated ability and motivation to learn
- Understanding of cloud security concepts and Azure services
- Ability to analyze and mitigate security threats and incidents
- Problem-solving skills and the ability to work under pressure
- Excellent communication skills to effectively collaborate with technical and non-technical stakeholders
- Current Microsoft SC-200 certification strongly encouraged