Why this role matters
AInative work only succeeds when identity, devices, data, applications, and cloud environments are secure by design. As organizations accelerate the use of Copilot, agents, and modern work, you will lead the security foundation that makes this possible. Your job is to implement the technologies, reduce risk, modernize SecOps, and ensure our customers can innovate safely.
What You Will Deliver
- Build unified SecOps environments using Microsoft Sentinel and Microsoft Defender XDR
- Deploy, integrate, configure and optimize Defender for Endpoint, Identity, Office 365, Cloud Apps, and multi-cloud workloads
- Implement modern identity security with Conditional Access, Entra ID Protection, PIM, and Zero Trust baselines
- Implement device management and security using Microsoft Intune and Defender for Endpoint
- Roll out data security and compliance solutions including Purview data classification with sensitivity labels, data protection and Data Loss Prevention, automatic classification, as well as Insider Risk Management and other Microsoft Purview features.
- Enable Copilot for Security scenarios for investigations, threat hunting, and automated response
- Provide clear documentation and governance models, SOC runbooks, and customer enablement that improves operational maturity
What you will do
- Lead discovery, architecture, and remediation workshops with customer CISOs and security teams. including customer implementation.
- Operationalize Defender XDR endtoend with measurable improvements in detection and response
- Lower identity risk with Conditional Access redesigns and hardened authentication flows
- Improve data security posture with Purview policies, Insider Risk workflows, and sensitivity classification
- Guide SOC teams in using Copilot for Security for investigations, triage, reporting, and hunting
- Produce executivelevel insights that connect security outcomes to business impact
- Build analytics rules, automation, UEBA, and hunting queries in Sentinel. (Bonus)
What you bring
- Strong delivery experience with Microsoft security stack: Defender XDR, Entra ID, Purview, Defender for Cloud, Sentinel.
- Experience with Zero Trust architectures and modern identity lifecycle practices
- Ability to operate across SecOps, cloud security, identity, and data protection
- Experience working with enterprise customers across MEA is a strong plus
- Strong workshop, communication, and customerfacing consulting skills
- Bonus: Experience with Copilot for Security, agentbased security models, GitHub Advanced Security, and multi-cloud security
- Experience with KQL skills for threat hunting, detection engineering, and investigations.
Certifications that help
SC200, SC300,SC400 Or SC-401, SC100, AZ500 (not required but beneficial)
What Success Looks Like In 6 Months
- Leading Microsoft Security products implementation with Sulava MEA customers.
- Customer SecOps running on a unified DefenderSentinel workspace
- Clear reduction in identityrelated risk via optimized Conditional Access and Entra controls
- Data protection guardrails in place with Purview and Insider Risk
- Cloud security posture tracked and improving across Azure.
- Copilot for Security actively used in investigations or phishing triage with a defined consumption model.
