Senior Client Protection

Your job:

• Implement, configure, and maintain Microsoft Defender for Endpoint across Windows, macOS, and Linux endpoints, including onboarding, configuration baselines, and policy management
• Operate MDE features such as attack surface reduction (ASR), application control (e.g., AppLocker/WDAC policies), Controlled Folder Access, Exploit Protection, and EDR-managed remediation
• Run and manage the vulnerability management lifecycle for endpoints: scan scheduling, authenticated scanning, triage of findings, exploitability assessment, prioritization, SLA assignment, remediation coordination, verification, and reporting
• Deploy, configure, and manage Microsoft Intune (device enrolment, configuration profiles, compliance policies, device compliance reporting, app protection, conditional access posture) to ensure endpoint security posture and integration with Defender
• Collaborate closely with patch management, IT operations, application owners, and engineering teams to drive remediation, validate fixes, and close risk gaps

Your qualification:

• Bachelor’s degree in computer science or related field
• 3+ years Microsoft Defender for Endpoint or equivalent EDR platform (deployment, configuration, hunting, investigations, automated response)
• 3+ years practical experience in vulnerability management for endpoints (scanning, triage, prioritization, remediation coordination)
• 2+ years experience managing Microsoft Intune (device enrolment, configuration profiles, compliance policies, application protection, conditional access integration)
• Advanced knowledge of Windows internals (processes, services, registry, event/log structures) and good exposure to macOS and Linux endpoint artifacts
• Deep knowledge of endpoint & Strong analytical and problem-solving skills
• Understandng of remediation packages in Intune or SCCM & Windows OS
• Scripting and automation knowledge - preferred PowerShell