Microsoft Threat Protection

Overview:
**Role**:? (**Microsoft Defender for Endpoint) (SME) -(Implementation) - (Threat Protection)**

Experience**:7 to 12 Years**

Primarily Involved in Microsoft Defenders (MDE, MDI, MDO, Defender for Cloud Apps, Azure AD) Implementation activities. Should have a thorough understanding of Endpoint Detections, Migration from Third-party tools like (Proofpoint, and Crowdstrike to M365 Defender for O365 & M365 Defender for Endpoint), Active Directory/Azure Active Directory and Threat Intelligence.

The following skills are mandatory,
- Strong knowledge of Active Directory and Azure Active Directory.
- Should have the migration experience from Crowdstrike to Defender for Endpoint
- Must have device(s) onboarding and off-boarding experience through Manual process/Intune/SCCM/ Puppet/Chef/Satellite/Workplace one
- Should have good knowledge of reviewing all prerequisites for Network, URLs, ports, and firewall configurations.
- Good knowledge of creating packages for Windows and Linux machines
- Should have Experience in AIR (Automated Investigations and Remediation) policies and their implementation.
- Should have Experience in Attack Surface Reduction (ASR) policies and their implementation.
- Should have experience handling global customers in delivery.
- Experience in cloud integration modules such as MS Defender portfolio with MS Defender for cloud
- Should be able to integrate the M365 Defender logs to the SIEM solutions (Azure Sentinel, Splunk, Qradar)
- Should coordinate with the vendor in case of any issues and resolutions.
- should have the understanding to work closely with the PM, DM, and respective stakeholders in the project.
- Should be able to create standard design High level, low-level design documents, questionnaires and other technical documents relating to Microsoft Defenders Portfolio (MDE, MDO, MDI, Defender for cloud apps, Azure AD P2)
- Should have the Security policy configuration on MDE & Integration with Microsoft Sentinel

**Role**:? (**Microsoft Defender for Endpoint) - (Architect / Sr. Architect / Consultant / Sr. Consultant / Principal Consultant)
- (Threat Protection)**

Experience**:12 to 18 Years**

Primarily Involved in Microsoft Defenders (MDE, MDI, MDO, Defender for Cloud Apps, Azure AD) Implementation activities. Should have a thorough understanding of Endpoint Detections, Migration from Third-party tools like (Proofpoint, and Crowdstrike to M365 Defender for O365 & M365 Defender for Endpoint), Active Directory/Azure Active Directory and Threat Intelligence.

The following skills are mandatory,
- Strong knowledge of Active Directory and Azure Active Directory.
- Should have the migration experience from Crowdstrike to Defender for Endpoint
- Must have device(s) onboarding and off-boarding experience through Manual process/Intune/SCCM/ Puppet/Chef/Satellite/Workplace one
- Should have good knowledge of reviewing all prerequisites for Network, URLs, ports, and firewall configurations.
- Good knowledge of creating packages for Windows and Linux machines
- Should have Experience in AIR (Automated Investigations and Remediation) policies and their implementation.
- Should have Experience in Attack Surface Reduction (ASR) policies and their implementation.
- Should have experience handling global customers in delivery.
- Experience in cloud integration modules such as MS Defender portfolio with MS Defender for cloud
- Should be able to integrate the M365 Defender logs to the SIEM solutions (Azure Sentinel, Splunk, Qradar)
- Should coordinate with the vendor in case of any issues and resolutions.
- should have the understanding to work closely with the PM, DM, and respective stakeholders in the project.
- Should be able to create standard design High level, low-level design documents, questionnaires and other technical documents relating to Microsoft Defenders Portfolio (MDE, MDO, MDI, Defender for cloud apps, Azure AD P2)
- Should have the Security policy configuration on MDE & Integration with Microsoft Sentinel