[Remote] Microsoft Security Engineer I

Note: The job is a remote job and is open to candidates in USA. SilverSky is a global cyber security company dedicated to protecting its customers with comprehensive security services. They are seeking a Microsoft Security Engineer I to help identify, investigate, and mitigate endpoint threats using Microsoft security technologies, while working across the full Microsoft security stack to ensure client safety and compliance.

Responsibilities

• Assist in preparing client-ready security reports, executive summaries, and monthly posture reviews
• Perform threat hunting exercises within customer environments using Microsoft Defender XDR, Sentinel, and other tools to identify, investigate, and remediate threats
• Help facilitate training for security operations team on becoming more proficient with Microsoft tools and workflows to aid in investigations
• Collaborate with the incident security operations teams to manage and resolve incidents for Microsoft customers in a timely manner
• Create and improve threat detection strategies based on intelligence from both internal and external sources
• Support onboarding of new managed clients onto the Microsoft security stack
• Investigate endpoint, identity, and cloud alerts; perform initial root cause analysis and document findings
• Support Defender XDR configuration across Defender for Endpoint, Identity, Cloud Apps, and Office 365
• Tune detection rules, analytics queries (KQL), and suppression logic to reduce alert fatigue
• Participate in incident response efforts, coordinating with senior engineers and client stakeholders
• Identify repeatable tasks and propose automation solutions to improve team efficiency

Skills

• Hand-on experience in cybersecurity, IT, or a Microsoft cloud role (internships and lab experience count)
• Demonstrated familiarity with at least two Microsoft security tools (Sentinel, Defender, Entra ID, Intune, or Purview)
• Understanding of core security concepts: SIEM, threat detection, identity management, endpoint protection, and the MITRE ATT&CK framework
• Experience writing KQL queries — even basic ones — or a clear demonstrated ability and motivation to learn
• Understanding of cloud security concepts and Azure services
• Ability to analyze and mitigate security threats and incidents
• Problem-solving skills and the ability to work under pressure
• Excellent communication skills to effectively collaborate with technical and non-technical stakeholders
• Current Microsoft SC-200 certification strongly encouraged

Company Overview