Kentucky, KY, USA
15 days ago
Cyber Defense Engineer - Erlanger, KY

We are seeking a skilled and proactive Cyber Defense Engineer with deep expertise in the Microsoft Security stack, including Microsoft Defender, Microsoft Sentinel, and the broader Microsoft 365 and Azure ecosystems. In this role, you will design, implement, and manage advanced cyber defense capabilities, focusing on detection, investigation, and response to cyber threats across hybrid and cloud environments.

Key Responsibilities

Threat Detection & Response
- Develop and fine-tune Microsoft Sentinel analytics rules, workbooks, hunting queries, and playbooks.
- Integrate Microsoft Defender products (Defender for Endpoint, Defender for Identity, Defender for Cloud Apps, Defender for Office 365, etc.) into SIEM and SOAR platforms.
- Mentor and guide Security Analysts on monitoring, analysis, and response to security alerts and incidents using Microsoft Defender and other security tools.
- Mentor and guide Security Analysts in conducting threat hunting across the Microsoft ecosystem using KQL and other tools.

Engineering & Integration
- Help design and implement end-to-end security monitoring solutions using Microsoft security tools.
- Automate response actions using Sentinel playbooks (Logic Apps), Defender APIs, ServiceNow, and other security tools.
- Ensure telemetry from endpoints, identities, email, cloud workloads, and third-party sources is normalized and ingested properly into the SIEM.
- Collaborate with IT and cloud engineering teams to ensure Microsoft security tools are correctly deployed and configured.
- Contribute to the development of security baselines for Microsoft 365, Azure, and hybrid environments.

Continuous Improvement
- Stay current with evolving threats, vulnerabilities, and Microsoft product developments.
- Evaluate and implement new features within Microsoft Defender and Sentinel to enhance detection and response.
- Provide knowledge sharing and mentorship to junior analysts and engineers.

Required Qualifications
- Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or a related field, or equivalent practical experience.
- 3+ years of experience in cybersecurity with a focus on Microsoft security technologies.
- Strong hands-on experience with:
  - Microsoft Sentinel (KQL, workbooks, playbooks, analytics rules)
  - Microsoft Defender XDR suite (Defender for Endpoint, Identity, Cloud Apps, Office 365)
  - Microsoft 365 Defender
  - Azure Security Center (now Microsoft Defender for Cloud)
  - PowerShell
- Proficiency in Kusto Query Language (KQL) for threat hunting and custom detection creation.
- Experience with security incident response, SIEM/SOAR processes, and applying threat intelligence.
- Familiarity with MITRE ATT&CK, Zero Trust principles, and the NIST cybersecurity frameworks.

Preferred Qualifications
- Microsoft certifications such as:
  - SC-200: Microsoft Security Operations Analyst
  - SC-100: Microsoft Cybersecurity Architect
  - AZ-500: Microsoft Azure Security Engineer
- Experience with ServiceNow, ServiceNow Security Operations, PowerShell, Logic Apps, and API integrations for automation.
- Familiarity with Microsoft Purview, Microsoft Entra ID (formerly Azure AD), and Defender for Cloud.
- Experience in hybrid environments (on-prem + Azure/M365).
- Knowledge of other security tools (ArcSight, proxies, Splunk, etc.) is a plus.

Excited about this role but don't think you meet every requirement listed? We encourage you to apply anyway. You may be just the right candidate for this role or another one of our openings.

ADM requires the successful completion of a background check. 

REF:101773BR