Microsoft Defender Engineer

07/10/2025

Our client is looking for a Microsoft Defender

Position Overview

The Microsoft Defender Engineer will be responsible for enabling and improving Defender capabilities across Identity, Endpoint, Office, and Cloud Apps. This role supports the Security Operations Centre (SOC) in monitoring and threat hunting, while also contributing to compliance efforts aligned with NIS2, ISO 27001, and GDPR. The engineer will collaborate with teams managing Entra ID and Intune, and help define operational processes and SOPs for Defender for Cloud Apps.

Your mission

  • Enable and optimise Microsoft Defender components across the organisation.
  • Support SOC operations in threat detection, monitoring, and hunting.
  • Develop and maintain SOPs for Defender for Cloud Apps configuration.
  • Collaborate with Entra ID and Intune teams on Defender-related security topics.
  • Assist in deployment, tuning, and integration of Defender sensors and policies.
  • Contribute to compliance documentation and controls for NIS2, ISO 27001, and GDPR.
  • Define KPIs and dashboards for Defender operations and incident response.
  • Provide technical guidance and support across IT and security teams.

Your profile

  • 15+ years in IT/Security, with 5–8 years of hands-on experience with Microsoft Defender solutions.
  • Hands-on experience with the Microsoft Defender suite (Endpoint, Identity, Office 365, Cloud Apps).
  • Defender for Cloud Apps hands-on experience and skills are mandatory, including configuration, policy tuning, and integration with other Microsoft security tools.
  • Strong understanding of SOC operations, threat detection, and incident response.
  • Familiarity with Intune and Entra ID integrations for security enforcement.
  • Ability to build and document processes and SOPs for Defender operations.
  • Proficiency in:
    • Kusto Query Language (KQL) for threat hunting and log analysis.
    • PowerShell for automation and configuration scripting.
    • Microsoft Graph API for integration and reporting.
  • Knowledge of compliance frameworks: NIS2, ISO 27001, GDPR.
  • Experience with endpoint onboarding via Intune, SCCM, GPO, or scripting.
  • Strong collaboration and communication skills across IT, security, and compliance teams.
  • Microsoft Certified: Security Operations Analyst Associate (SC-200) is a strong plus.
  • Fluent in English; Dutch and/or French is a plus.

Job specifications

ID: 11249

Duration: 30-9-2025 - 30-4-2026

Location: Brussels

Type: Freelance

Joël De Ben

IT Recruitment Consultant
This position is no longer accepting applications.