Job Purpose and primary objectives:
The Defender Administrator will play a critical role in managing the transition from McAfee to Microsoft Defender on server environments, ensuring a secure, efficient, and seamless migration.
*This role will involve configuring, monitoring, and optimizing Defender installations across all servers, aligning with the organization's security standards and compliance requirements.
*The Administrator will work closely with cross-functional teams to address potential issues, improve security posture, and deliver a smooth transition to Defender
Key responsibilities:
*Plan and oversee the transition from McAfee to Defender on all server environments, ensuring compliance with organizational security policies and standards.
*Conduct pre-migration assessments to analyse current McAfee configurations, policies, and threat response protocols, ensuring a structured approach to the migration.
*Configure Defender settings for optimal protection on each server, including enabling and adjusting Threat & Vulnerability Management, Endpoint Detection & Response (EDR), and other Defender ATP features.
*Customize Defender policies according to the organization's security requirements and compliance standards.
*Continuously monitor Defender's performance and logs for suspicious activities, responding to alerts, and ensuring servers remain secure post-migration.
*Act as the primary responder for security incidents detected by Defender, conducting investigations and implementing remediation efforts promptly.
Develop and maintain PowerShell or similar scripts to automate Defender configurations, monitoring, and reporting processes, improving operational efficiency.
*Document Defender configurations, policies, and migration processes thoroughly, ensuring that knowledge is easily accessible for future reference.
*Prepare regular status reports for stakeholders on migration progress, incidents, and ongoing security improvements post-migration.
*Collaborate with IT and security teams to optimize Defender settings, enhance threat intelligence, and respond to security incidents.
*Conduct incident post-mortem analyses, identifying lessons learned and implementing preventive measures.
Key Skills/Knowledge:
*Strong experience in deploying, configuring, and managing Microsoft Defender, particularly in server environments.
* Familiarity with McAfee ePO for managing McAfee security on servers, along with a solid understanding of McAfee security products and policies.
* Proficiency in Windows Server environments
* Proficiency in scripting languages like PowerShell to automate Defender configurations, monitoring tasks, and reporting.
* Familiarity with project management principles, especially in IT migration projects.
* Hands on Experience onboarding end Points to Microsoft Defender
* Provide design Inputs to Technical Architects
* Have knowledge and experience with Microsoft technologies such as but not limited to: Microsoft Defender for Endpoint, Microsoft Defender for O365, Microsoft Defender for Identity, Microsoft 365 Defender and Microsoft Cloud App Security
* Good knowledge around Endpoint Detection and Response (EDR), Threat & Vulnerability Management (TVM), Attack Surface Reduction (ASR), and Auto Investigation and Remediation (AIR)
* Experience with Symantec Endpoint Protection (SEPM)
* Experience in McAfee/ Windows Defender Antivirus Policy, Group and Task Configuration
* In depth knowledge of Windows operating systems including Client (7/8/10) and Server OS (2008/2012/2016)
* Investigative and analytical problem-solving skills across Windows Infrastructure
* Developing, coordinating, and maintaining organizational security procedures, processes, and practices and supporting security documentation activities.
* Hands on Experience in deploying ATP Package through GPO, SCCM or through Intune
* Good Understanding of Threat analysis, Threat Hunting, and remediating security issues on End Points
* Hands on Experience on Creation of Policy, file Exclusions, Monitoring Dashboard, Reporting. etc
* During production migration, there will be a possibility for candidate to work out of hours - candidate should be ready to work out of hours for any migration work.
Person Specification:
I.e. Negotiating, client facing, communication, assertive, team leading/team member skills, supportive. INFORMING
* Provides the information people need to know to do their jobs and to feel good about being part of the team, unit, and/or the organization. Is able to provide informative and quantifiable information so that accurate decision making can be taken in a timely manner.
PROBLEM SOLVING
* Uses rigorous logic and methods to solve difficult problems with effective solutions and probes all fruitful sources for answers. Can see hidden problems and is excellent at detailed analysis by looking beyond the obvious and doesn't stop at the first answer.
TECHNICAL LEARNING
* Able to learn new skills quickly and is adept at learning new industry skills and competencies via various methods, including research and attendance at technical courses and seminars etc.
KEY RELATIONSHIPS & CONTACTS
With Client
* Establish and maintain excellent relationship with customer stakeholders and develop processes to improve efficiency and effectiveness for the client as an on-going basis.
* With Line Manager / Senior Stakeholders
* Maintain regular contact with Line Manager / Senior Stakeholders to update and appraise them on critical business issues and data points.
With Offshore Teams
* Maintain regular contact with required Offshore teams as and when required to update them on current issues and decisions, seeking support for issues that affect the success of the contracts on-going deliverables as and when required.
With Peers
* Develop and maintain positive relationships with other business partners, both internal and external, ensuring best practice advice is shared and maximum efficiency achieved.
With Others
Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 10 weeks. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds.
Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.