SOC / EDR Alert Analyst - Level 1 (Microsoft Defender for Endpoint)

SOC / EDR Alert Analyst - Level 1 (Microsoft Defender for Endpoint) Level 1 EDR Analyst focused on day-to-day endpoint alert analysis and initial response using Microsoft Defender for Endpoint within a SOC environment. Primary Platform: Microsoft Defender for Endpoint (MDE) Operating Model: SOC / 247 Shift-Based Roles & Responsibilities: Monitor and analyse endpoint security alerts generated by Microsoft Defender for Endpoint (MDE), using device, user, and alert context to assess severity and legitimacy. Perform initial investigation and triage to differentiate false positives, benign activity, and potential security incidents. Execute first-level endpoint response actions, including device isolation and basic containment, within defined authority. Make sound escalation decisions and escalate cases to Level 2 with clear observations, actions taken, and supporting context. Support investigation or response activities under guidance from Level 2 during active incidents. Escalate cases im...