**Job Summary**

Serve as a Blue Team Specialist, leading cyber threat monitoring, detection, and response initiatives; designing security architectures; and managing Microsoft Defender solutions.

**Key Highlights**

1. Lead threat monitoring, detection, and response initiatives.
2. Design robust and scalable security architectures.
3. Manage and integrate Microsoft Defender solutions.

**Job Description**

- Serve as a Blue Team Specialist, leading cyber threat monitoring, detection, and response initiatives.
- Design robust and scalable security architectures focused on active defense, attack surface reduction, and Zero Trust.
- Implement and enhance monitoring based on Microsoft Sentinel, creating detection rules (KQL), dashboards, and SOAR-based automations.
- Manage and integrate Microsoft Defender solutions (Endpoint, Identity, Cloud, Email) to ensure unified visibility and response.
- Develop use cases aligned with MITRE ATT&CK and frameworks such as NIST CSF, CIS Controls, and OWASP.
- Coordinate continuous improvement of alerts, response playbooks, and telemetry coverage across hybrid and multicloud environments.
- Support the SOC team in analyzing complex incidents, threat hunting, and forensic investigations.
- Collaborate with security architects and GRC teams to ensure compliance and governance.
- Produce technical documentation and executive reports on security posture.

**Qualifications**

- Proven experience in Blue Team, Offensive/Defensive Security, or Security Operations (SOC/NOC).
- Advanced knowledge of Microsoft Sentinel (KQL, analytic rules, workbooks, Logic Apps-based automations).
- Proficiency in Microsoft Defender solutions: Defender for Endpoint, Identity, Cloud, and Email.
- Experience with frameworks such as MITRE ATT&CK, NIST CSF, CIS Controls, and Zero Trust.
- Hands-on experience in cybersecurity architecture (cloud and on-premises).
- Strong analytical and investigative reasoning skills.
- Intermediate English