Job Purpose and primary objectives:
The Defender Administrator will play a critical role in managing the transition from McAfee to Microsoft Defender on server environments, ensuring a secure, efficient, and seamless migration.
This role will involve configuring, monitoring, and optimizing Defender installations across all servers, aligning with the organization's security standards and compliance requirements. The Administrator will work closely with cross-functional teams to address potential issues, improve security posture, and deliver a smooth transition to Defender.
Key responsibilities:
1. Plan and oversee the transition from McAfee to Defender on all server environments, ensuring compliance with organizational security policies and standards.
2. Conduct pre-migration assessments to analyze current McAfee configurations, policies, and threat response protocols, ensuring a structured approach to the migration.
3. Configure Defender settings for optimal protection on each server, including enabling and adjusting Threat & Vulnerability Management, Endpoint Detection & Response (EDR), and other Defender ATP features.
4. Customize Defender policies according to the organization's security requirements and compliance standards.
5. Continuously monitor Defender's performance and logs for suspicious activities, respond to alerts, and ensure servers remain secure post-migration.
6. Act as the primary responder for security incidents detected by Defender, conducting investigations and implementing remediation efforts promptly.
7. Develop and maintain PowerShell or similar scripts to automate Defender configurations, monitoring, and reporting processes, improving operational efficiency.
8. Document Defender configurations, policies, and migration processes thoroughly, ensuring that knowledge is easily accessible for future reference.
9. Prepare regular status reports for stakeholders on migration progress, incidents, and ongoing security improvements post-migration.
10. Collaborate with IT and security teams to optimize Defender settings, enhance threat intelligence, and respond to security incidents.
11. Conduct incident post-mortem analyses, identifying lessons learned and implementing preventive measures.
Key Skills/Knowledge:
1. Strong experience in deploying, configuring, and managing Microsoft Defender, particularly in server environments.
2. Familiarity with McAfee ePO for managing McAfee security on servers, along with a solid understanding of McAfee security products and policies.
3. Proficiency in Windows Server environments.
4. Proficiency in scripting languages like PowerShell to automate Defender configurations, monitoring tasks, and reporting.
5. Familiarity with project management principles, especially in IT migration projects.
6. Hands-on experience onboarding endpoints to Microsoft Defender.
7. Provide design inputs to Technical Architects.
8. Knowledge and experience with Microsoft technologies such as Microsoft Defender for Endpoint, Microsoft Defender for O365, Microsoft Defender for Identity, Microsoft 365 Defender, and Microsoft Cloud App Security.
9. Good knowledge around Endpoint Detection and Response (EDR), Threat & Vulnerability Management (TVM), Attack Surface Reduction (ASR), and Auto Investigation and Remediation (AIR).
10. Experience with Symantec Endpoint Protection (SEPM).
11. Experience in McAfee/Windows Defender Antivirus Policy, Group and Task Configuration.
12. In-depth knowledge of Windows operating systems including Client (7/8/10) and Server OS (2008/2012/2016).
13. Investigative and analytical problem-solving skills across Windows Infrastructure.
14. Developing, coordinating, and maintaining organizational security procedures, processes, and practices and supporting security documentation activities.
15. Hands-on experience in deploying ATP Package through GPO, SCCM, or through Intune.
16. Good understanding of Threat analysis, Threat Hunting, and remediating security issues on endpoints.
17. Hands-on experience creating policies, file exclusions, monitoring dashboards, reports, etc.
During production migration, the candidate may need to work out of hours and should be ready to do so for any migration work.
Person Specification:
1. Negotiating: Client facing, communication, assertive, team leading/team member skills, supportive.
2. Informing: Provides the information people need to know to do their jobs and to feel good about being part of the team, unit, and/or the organization.
3. Problem Solving: Uses rigorous logic and methods to solve difficult problems with effective solutions.
4. Technical Learning: Able to learn new skills quickly and is adept at learning new industry skills and competencies.
Key Relationships & Contacts:
1. With Client: Establish and maintain excellent relationships with customer stakeholders.
2. With Line Manager / Senior Stakeholders: Maintain regular contact with Line Manager / Senior Stakeholders to update and apprise them of critical business issues.
3. With Offshore Teams: Maintain regular contact with required Offshore teams as and when required.
4. With Peers: Develop and maintain positive relationships with other business partners.
Due to the nature and urgency of this post, candidates holding or who have held high-level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take a minimum of 10 weeks.
LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work.
Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queen's Award for Enterprise: International Trade, for the second consecutive period.