Computer Systems Operator Team Leader

• Build and lead a fit-for-purpose SOC capability.
• Own and oversee the SOC operations, ensuring timely identification, analysis, and response to security events and incidents.
• Enhance detection capabilities through onboarding data and leveraging automation scripting within Microsoft Sentinel or similar SIEM/SOAR platforms.
• Administer and support Microsoft 365 Defender products (Endpoint, Cloud, O365, and Identity) within an enterprise environment.
• Develop and maintain government-compliant security policies and frameworks, including ISM, PSPF, and Essential Eight.
• Collaborate with cross-functional teams to implement security measures aligned with organizational goals.

• Working knowledge of operating systems, including Windows desktop and server, and Linux.
• Familiarity with protection technologies such as web proxies, email gateways, firewalls, intrusion detection/prevention systems, and web application firewalls.
• Proficiency in Microsoft Sentinel or similar SIEM/SOAR platforms.
• Understanding of network protocols (IP, TCP, UDP, DHCP, DNS, SMTP, HTTP/S) and Public Key Infrastructure (PKI) concepts.
• Experience with automation scripting and administration of Active Directory, Group Policy, and Azure Active Directory.
• Minimum of 5 years of enterprise desktop, server, or network support, preferably in a government context.
• At least 1 year of experience in security event identification, analysis, and incident response.
• Proven track record in onboarding data and enhancing detection capabilities within Microsoft Sentinel or similar platforms.
• Familiarity with government security policies and frameworks (ISM, PSPF, Essential Eight).

Talent International