SeniorAdministrator - Zero - touch

Job Summary

1. MDE Platform Administration (Tenant-Level)\r\n2) Server Onboarding & Offboarding (Windows & Linux)\r\na. Design and operate scalable onboarding processes:\r\n i. Windows Server: MECM/SCCM, GPO, Intune, Azure Arc, scripts; ensure Sense EDR sensor and Defender Antivirus are properly configured (including passive mode transitions if 3rd-party AV present).\r\n ii. Linux Server: Package-based installs (mdatp via apt/yum/zypper), onboarding scripts, repo configuration, proxy settings, and service validation.\r\nb. Maintain golden images / AMIs with pre-onboarding steps, device tagging, and machine groups.\r\nc. Operate offboarding flows (offboarding package/keys) for decom, M&A carve-outs, and cloud auto-scale lifecycles; reconcile stale/duplicate devices.\r\nd. Track coverage: % of in-scope servers onboarded, health status, and remediation of inactive/unhealthy devices.\r\n \r\n \r\n3) Policy, Exclusions & Hardening\r\na. Define/maintain AV policies, EDR in block mode, Attack Surface Reduction (ASR) rules, Network Protection, Controlled Folder Access (where server-appropriate).\r\nb. Implement file/path/process exclusions with risk-based justification, balancing performance and detection efficacy; periodic review, attestation, and removal of stale exceptions.\r\nc. Manage Indicators (IOCs), custom URL/Domain/IP indicators, and controlled testing with robust change control.\r\n4) Operations & Support\r\na. Operate day-to-day MDE tool support: ticket queue, troubleshooting onboarding/health/AV conflicts, performance tuning, and sensor/engine update issues.\r\nb. Partner with SOC/IR on incidents; drive endpoint containment, isolation support, evidence capture, and post-incident hardening actions.\r\n5) Automation & Scale\r\na. Build automation with PowerShell, Bash, Azure Automation, Azure DevOps/GitHub Actions, M365 Defender/Graph APIs\r\n

Key Responsibilities

hands-on MDE Platform Engineer to administer Microsoft Defender for Endpoint across Windows and Linux server estates. You will own the MDE platform in our Azure/M365 tenant, ensure secure and compliant onboarding/offboarding of servers at scale, and manage EDR + Defender Antivirus policies, exceptions, ASR, EDR in block mode, sensor health and agent update rings. The ideal candidate brings deep operational experience with MDE on servers, automation-first mindset, and strong collaboration with Infra, SOC, and platform teams.

Skill Requirements

Windows Server: MECM/SCCM, GPO, Intune, Azure Arc, scripts; ensure Sense EDR sensor and Defender Antivirus are properly configured (including passive mode transitions if 3rd-party AV present).\r\n ii. Linux Server: Package-based installs (mdatp via apt/yum/zypper), onboarding scripts, repo configuration, proxy settings, and service validation.\r\n

Other Requirements

MDE Platform Administration (Tenant-Level)\r\n2) Server Onboarding & Offboarding (Windows & Linux)\r\n