The Microsoft Security Operations Analyst collaborates with organisational stakeholders to secure information technology systems for the organisation. Their goal is to reduce organisational risk by rapidly remediating active attacks in the environment, advising on improvements to threat protection practices, and referring violations of organisational policies to appropriate stakeholders.
Responsibilities include threat management, monitoring, and response by using a variety of security solutions across their environment. The role primarily investigates, responds to, and hunts for threats using Microsoft Azure Sentinel, Azure Defender, Microsoft 365 Defender, and third-party security products. Since the security operations analyst consumes the operational output of these tools, they are also a critical stakeholder in the configuration and deployment of these technologies.