
M365 e-discovery
4 days ago
Primary Skill:
Security Systems Support: Provide advanced support for Microsoft Purview (E-discovery), including configuration, deployment, and management
Email Threat Detection and Response: Monitor and respond to security incidents using Microsoft Purview (e-discovery) features such as Advanced eDiscovery, Content search, litigation hold, and case management
Good understanding of Data Loss Prevention, Azure Information Protection, KQL, Data Governance and Custodian management
Policy Management: Develop and enforce procedures to ensure the end-to-end workflow to preserve, collect, review, analyze, and export content that's responsive to your organization's internal and external investigations
Troubleshooting: Enable and utilize troubleshooting mode in Microsoft Purview to diagnose and resolve issues related to e-discovery. After creating an eDiscovery case and choosing who has access to it, use the case to search for email, documents, Skype for Business conversations, Teams data, and other content in your organization. You can then preserve the content and export the search results for further analysis
Incident Response: Lead incident response efforts, including investigation, containment, eradication, and recovery, as well as Advanced Hunting with KQL and search conditions
Compliance: Ensure compliance with industry standards and regulatory requirements
Integration: Integrate Microsoft Defender with other security tools and platforms
Reporting: Generate and analyze reports to identify trends and areas for improvement. Lead and manage a team of security professionals, providing guidance, mentorship, and performance evaluations. Coordinate team activities, set goals, and ensure effective communication and collaboration within the team
Training and Support: Provide training and support to end-users and IT staff on email security best practices related to e-discovery
Additional Skills:
Experience with other Microsoft Solutions such as Auditing, Information Barriers, Records Management, Data Governance and security
Experience with other Microsoft security products, such as MDO, and with email security issues
Knowledge of mail relay services and SMTP relays
Knowledge of scripting and automation tools (e.g., PowerShell, Microsoft Graph)
Preferred certifications include Microsoft Certified: Security, Compliance, and Identity Fundamentals, SC-400, SC-200
Experience: Minimum 5 years of experience in cybersecurity, with a focus on M365 security and Compliance
Skills:
In-depth knowledge of Microsoft Defender for O365 (security and compliance)
Strong understanding of the current threat landscape
Experience with incident response and threat hunting
Familiarity with email mail flows and compliance standards
Excellent problem-solving and analytical skills
To clearly understand the client's cybersecurity environment and respective product
To monitor, configure, and troubleshoot cybersecurity issues and related monitoring tools
To analyze and validate cybersecurity incidents in detail and help the L3 team with RCA/data or logs collection
To enable knowledge transfer/training through creation/maintenance of configuration documents, test plans, operational manuals and provide operational training to L1 team
To analyze and fine-tune cybersecurity policies, participate in cybersecurity review calls pertaining to change requests & recommendations on cybersecurity policy changes