Security Engineer III - Microsoft defender

Requisition Number: 104311 

Security Engineer III – Microsoft Security

Location: This is a hybrid opportunity in Delhi NCR, Bangalore, Hyderabad, Gurugram area. 

Shift: 24*7 Rotational Shifts

Insight at a Glance

• 14,000+ engaged teammates globally with operations in 25 countries across the globe.
• Received 35+ industry and partner awards in the past year
• $9.2 billion in revenue
• #20 on Fortune’s World's Best Workplaces™ list
• #14 on Forbes World's Best Employers in IT – 2023
• #23 on Forbes Best Employers for Women in IT- 2023
• $1.4M+ total charitable contributions in 2023 by Insight globally

Now is the time to bring your expertise to Insight. We are not just a tech company; we are a people-first company. We believe that by unlocking the power of people and technology, we can accelerate transformation and achieve extraordinary results. As a Fortune 500 Solutions Integrator with deep expertise in cloud, data, AI, cybersecurity, and intelligent edge, we guide organisations through complex digital decisions.                                                                                       

About the team:

We are providing Security L1/L2/L3/Engineering support for Identity, Network, App Security, Email Security based on Microsoft, Zscaler, Cisco and other ISV Tools following the cloud security model that provides organizations with a range of security solutions and services. This service model is designed to help organizations protect their networks, systems, and data from a variety of security threats, such as cyberattacks, data breaches, and unauthorized access.​

As a Security Engineer III, you'll-

Microsoft Defender Suite

• Lead configuration, tuning, and optimization of Microsoft Defender XDR, Defender for Endpoint, and Defender for Office 365 to ensure maximum threat detection and minimal false positives.
• Manage advanced threat protection policies, Safe Links, Safe Attachments, and real-time detections.
• Investigate and respond to sophisticated threats detected by Defender XDR, performing root cause analysis and recommending preventive measures.

Microsoft Sentinel (SIEM/SOAR)

• Architect and maintain Sentinel workbooks, analytics rules, hunting queries, and automation playbooks.
• Correlate incidents across multiple data sources and perform proactive threat hunting.
• Integrate Sentinel with Defender stack, Microsoft 365, Azure resources, and third-party security tools.

Microsoft Azure Security

• Implement and manage Azure security controls, including Conditional Access, Identity Protection, and Security Center/Defender for Cloud.
• Review and harden Azure configurations against best practices and compliance frameworks.

Microsoft Intune (Endpoint Management)

• Design, configure, and manage Microsoft Intune for Mobile Device Management (MDM) and Mobile Application Management (MAM).
• Deploy and enforce CIS benchmark-aligned security baselines via Intune for Windows endpoints.
• Create and maintain compliance and configuration profiles for Windows, iOS, Android, and macOS devices.
• Integrate Intune with Defender for Endpoint for automated device compliance actions.
• Troubleshoot Intune policy conflicts, deployment failures, and device enrollment issues.

Incident Response & Escalation

• Act as L3 escalation point for complex incidents from L1/L2 SOC teams.
• Lead incident triage, forensic investigation, and remediation coordination.
• Provide post-incident reports and recommendations to improve detection and response.

Security Optimization & Best Practices

• Conduct regular health checks, policy reviews, and configuration audits across Microsoft security tools.
• Align configurations with industry frameworks (NIST CSF, CIS Benchmarks, Zero Trust principles).
• Mentor and guide junior engineers on advanced troubleshooting and optimization.

What we are looking for-

• B.E./B.Tech/Graduate in Computer Science, Cybersecurity, or related field.
• Minimum 4–6 years in cybersecurity with at least 3 years in advanced Microsoft security engineering roles.
• Exp on Tools & Technologies
  • Microsoft Defender XDR
  • Microsoft Defender for Endpoint
  • Microsoft Defender for Office 365
  • Microsoft Sentinel (SIEM/SOAR)
  • Microsoft Azure Security & Compliance
  • Microsoft Defender for Cloud
  • Kusto Query Language (KQL) for hunting and analytics
• Certifications (Preferred):
  • Microsoft Certified: Security Operations Analyst Associate SC-200
  • Microsoft Certified: Azure Security Engineer Associate AZ-500
• Skills:
  • Strong expertise in Microsoft Defender suite, Sentinel, and Azure security.
  • Proficiency in KQL for advanced threat hunting.
  • Deep understanding of email security, endpoint protection, and cloud security.
  • Experience with incident response, threat hunting, and security automation.

Soft Skills

• Strong analytical and problem-solving abilities.
• Excellent communication and documentation skills.
• Ability to work under pressure during critical incidents.
• Leadership in guiding L1/L2 teams and collaborating with cross-functional stakeholders.

What you can expect

We’re legendary for taking care of you, your family and to help you engage with your local community. We want you to enjoy a full, meaningful life and own your career at Insight. Some of our benefits include:

• Medical Insurance
• Health Benefits
• Professional Development: Learning Platform and Certificate Reimbursement 

But what really sets us apart are our core values of Hunger, Heart, and Harmony, which guide everything we do, from building relationships with teammates, partners, and clients to making a positive impact in our communities.

Join us today, your Ambitious journey starts here.

When you apply, please tell us the pronouns you use and any reasonable adjustments you may need during the interview process.

At Insight, we celebrate diversity of skills and experience so even if you don’t feel like your skills are a perfect match - we still want to hear from you!
Today's talent leads tomorrow's success. Learn more about Insight: 
https://www.linkedin.com/company/insight/

Insight does not accept unsolicited resumes from recruiters or employment agencies. Unsolicited resumes will be treated as direct applications from the candidate, and recruiters or agencies who submit candidates for this position without a prior, written vendor agreement will not be eligible for any form of compensation, even if the candidate is hired.

Insight is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation or any other characteristic protected by law.

Insight India Location:Level 16, Tower B, Building No 14, Dlf Cyber City In It/Ites Sez, Sector 24 &25 A Gurugram Gurgaon Hr 122002 India