Microsoft Defender Engineer - 3 Month Contract - Inside IR35 - Fully remote
Contract Type: Initial 3 month contract (Inside IR35)
Rate: £450 per day Inside IR35
Location: Fully Remote
Active SC Clearance required
Role Overview
We are looking for a Defender Engineer to join on a 3-month remote contract, with locations across Gloucester and Warrington as required. The role is responsible for migrating Windows and Linux servers from legacy antivirus solutions (Symantec/McAfee) to Microsoft Defender ATP, operating within a complex, nuclear-sensitive environment.
Note: Active, transferable SC clearance is required.
Key Responsibilities
- Lead the migration of Windows and Linux servers from Symantec/McAfee legacy AV solutions to Microsoft Defender ATP, validating current AV exclusion policies and implementing MDE policies across the estate
- Create and manage AAD device groups for exclusion and policy deployment, and develop a migration approach suited to a complex, nuclear-sensitive environment
- Lead discussions with the Image Management team on MDE images for auto-scaling environments, and manage Defender installation file creation and distribution
- Implement and document MDE policies, file exclusions, monitoring dashboards, and reporting, ensuring high-level security controls are deployed to endpoints as per best practice
- Remove legacy antivirus solutions from servers and provide end-to-end Microsoft Defender support including EDR, Threat & Vulnerability Management, Attack Surface Reduction, and Auto Investigation and Remediation
Top 5 Skills
- Hands-on experience onboarding Windows and Linux (RHEL) servers to Microsoft Defender ATP, with proven experience managing complex AV migrations from Symantec or McAfee environments
- Strong knowledge across the Microsoft Defender suite - Defender for Server, Defender for O365, Defender for Identity, M365 Defender, and Microsoft Cloud App Security
- Experience deploying ATP packages through GPO, SCCM, or Intune, with in-depth knowledge of Windows Client and Server OS (2008/2012/2016) and Linux RHEL
- AV exclusion management skills combined with a good understanding of EDR, Threat & Vulnerability Management, Attack Surface Reduction, and threat hunting on endpoints
- Strong documentation skills covering deployment approach, MDE policy creation, and security procedures - SC clearance required (active and transferable)