Incident Investigation & Response:

• Perform in-depth analysis of escalated alerts from CrowdStrike SIEM & EDR, identifying root causes and true impact.
• Execute containment and remediation actions for malware, ransomware, and unauthorized access.

Endpoint & Policy Management:

• Administer Microsoft Intune for device enrollment, health monitoring, and security baseline enforcement.
• Manage and tune CrowdStrike protection policies, including exclusions and sensor health.

Data Protection & Compliance:

• Configure and optimize Microsoft Purview DLP policies across Endpoints, Exchange, SharePoint, and Teams.
• Manage Purview sensitivity labels and information governance to safeguard PII and sensitive assets.

SOC Engineering:

• Fine-tune SIEM correlation rules and dashboards to reduce false positives and improve detection fidelity.
• Develop and maintain incident response playbooks and operational documentation.