Implement, configure, and maintain Microsoft Defender for Endpoint across Windows, macOS, and Linux endpoints, including onboarding, configuration baselines, and policy management
Operate MDE features such as attack surface reduction (ASR), application control (e.g., AppLocker/WDAC policies), Controlled Folder Access, Exploit Protection, and EDR-managed remediation
Run and manage the vulnerability management lifecycle for endpoints: scan scheduling, authenticated scanning, triage of findings, exploitability assessment, prioritization, SLA assignment, remediation coordination, verification, and reporting
Deploy, configure, and manage Microsoft Intune (device enrolment, configuration profiles, compliance policies, device compliance reporting, app protection, conditional access posture) to ensure endpoint security posture and integration with Defender
Collaborate closely with patch management, IT operations, application...