America's Job Portal
The Principal Microsoft Defender XDR, IRM & Deception Engineer, working within the Global Information and Cyber Security Defence (ICSD) function, is the technical leader for enterprise cyber deception and unified detection and response across the Microsoft security ecosystem. The role focuses on building, operating, and continuously evolving an enterprise-grade Insider Risk Management (IRM) and deception programme - including honeypots, honeytokens, decoy users, decoy devices, deceptive credentials, and breadcrumbs - fully integrated with Microsoft Defender XDR (Defender for Endpoint, Defender for Identity, Defender for Office 365, and Defender for Cloud Apps), Microsoft Sentinel, and Microsoft Security Copilot.
The role exists to detect adversaries earlier in the kill chain by deceiving attackers into engaging with high-fidelity traps, while delivering unified detection, automated investigation, and response across endpoint, identity, email, and cloud workloads. It combines d...