What success looks like in this role:

Analyzing network traffic to identify compromised systems, negate denial of service attacks, and pinpoint resource abuse.Incorporate threat intelligence feeds into Microsoft Sentinel to enhance threat detection and response capabilities.Develop and implement security automation scripts and playbooks in Microsoft Sentinel to streamline security operations.Create reports and documentation related to security incidents, investigations, and overall security posture.Supporting priority incident investigations and threat intelligence discoveries with hunting expertise to identify the extent of any potential compromise.Respond to security incidents by containing, eradicating, and recovering from them using Microsoft Defender's tools and features.Educate users and colleagues about cybersecurity best practices and the use of Microsoft Defender.Perform onboarding and offboarding defender agents.Troubleshoot Defender agents not reporting to the portalConduct investigations using EDR and live responseConduct Vulnerability Assessment using Defender.Investigate, identify, and prevent or mitigate abusive activities such as intrusion attempts, DDoS, malware distribution, phishing attacks, etc.Monitoring threat/vulnerability landscape and security advisoriesAppropriately manage time and customer issues based on issue severity and business needsContinuously monitors the security alerts queue, triages security alertsMonitors health of customer security sensors and SIEM infrastructureEnsures documented processes and procedures are relevant and up to dateInvestigate, document, and report on any security threat issues as well as emerging trendsEnabling a world-class cyber defense program by working closely with other technical, vulnerability management, incident management, intelligence analyst and forensic personnel to develop a fuller understanding of the intent, objectives, and activity of cyber threat actors, and ultimately drive improvement to the organizations’ overall security posture Notify appropriate business stakeholders about serious security events, implement security improvements by assessing current situation, evaluating market trends, and anticipating requirementsPerform threat hunting and threat analysisMonitor, detect, and analyze network threatsEmploy automation to aid in research and hunting tasksWrite blogs and papers related to threat hunting and analysisInvestigate, document, and report all security issues to contribute to incident response

You will be successful in this role if you have:

Key Qualifications

Qualifications:

A Bachelor’s or Master's degree from a university (preferably in Computer Science, Engineering, or a related discipline), or equivalent security industry work experience

Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age, blood type, caste, citizenship, color, disability, family medical history, family status, ethnicity, gender, gender expression, gender identity, genetic information, marital status, national origin, parental status, pregnancy, race, religion, sex, sexual orientation, transgender status, veteran status or any other category protected by law.

This commitment includes our efforts to provide for all those who seek to express interest in employment the opportunity to participate without barriers. If you are a US job seeker unable to review the job opportunities herein, or cannot otherwise complete your expression of interest, without additional assistance and would like to discuss a request for reasonable accommodation, please contact our Global Recruiting organization at GlobalRecruiting@unisys.com or alternatively Toll Free: 888-560-1782 (Prompt 4).  US job seekers can find more information about Unisys’  EEO commitment here.