- Supports the administrative maintenance for M365 cloud security services, dark web monitoring and web application security scanning services to help maintain high availability, optimally performing services and good end-user cyber hygiene practices.
- Monitor Managed Security Service (MSS) tickets and resolve them in timely fashion.
- Work with Security Analysts team and coordinate on the internal solutions desk and MSS tickets.
- Performs extensive mailbox searches to find and remove targeted emails identified as potential cybersecurity risks using security tools and platforms.
- Serves as the primary escalation point (Level 1) with respect to M365 cloud services for all Information Technology teams. Monitors and identifies security risks and vulnerabilities to our M365 environment and proposes and recommends mitigation actions.
- Maintains email related security technologies, services and features to prevent unauthorized access, malware delivered as attachments, phishing attempts, and account compromises; proposes email related information to security awareness activities.
- Establishes email related standards and procedures; Assists team in conducting periodic security audits.
- Provides assistance in communicating identity/privileged access issues to the Sr. Security Analyst Manager.
- Works at multiple physical locations, including (but not limited to) Headquarters and the Integrated Operations Center
- Must obtain a Security Identification Display Area (SIDA) in accordance with Department of Homeland Security Transportation Security Administration (TSA) requirements in Chapter 49 of the Code of Federal Regulations Part 1500 et. Al.
Qualifications & Experience:
- 3+ years’ Experience
- Experience with the Microsoft 365 security, compliance and cloud-app security platform
- Experience working with Exchange PowerShell for scripting and automation
- Experience with email security layers (e.g., SPF, DKIM, DMARC, etc.).
- Understanding and working knowledge of TCP/IP, SSL, OT Protocols, Networking, and DNSThreat Hunting
- Threat Intelligence
- Table Top Exercise
- Mailbox related incident response and Security Incident Response handling.
- MSSP tickets, CMDB tickets and M365 incident tickets.
- Digital Forensics
- Cloud Security in compliance with Azure policies.
- Vulnerability Scanning for most recent updates. Applications and Network scans for vulnerabilities
- PCI audits and mitigate the risks.
- Load balancer, Firewall rules Intune MDM, End point security and alert policies.
- Microsoft O365 alerts and mitigate the Cybersecurity risks in a timely manner.