Microsoft Defender

• Implement Defender/XDR across cloud and on-prem
• Build detection rules and automate response workflows
• Lead threat hunting and collaborate with SOC teams

Company Description

Showtime Consulting is a leading provider of Shielded Cloud Solutions. Based in Australia and New Zealand, we specialise in secure cloud deployments and extending the cloud to the intelligent edge. Our expertise spans Azure, Azure Stack, AWS, OpenStack, and Red Hat Linux, serving both commercial and government environments, including government-classified clouds. Our mission is to forge the future with secure, innovative technologies that protect and uplift communities, while our vision is to revolutionise seamless collaboration across domains on an ultra-secure platform.

We support national delivery programs involving classified ICT systems, accreditation readiness, and technical assurance across complex environments.

The Role

We're looking for a Cyber Security SME specialising in Microsoft Defender and XDR to design, deploy, and optimise Microsoft's security ecosystem across hybrid and multi-cloud environments. This role enhances threat detection, response, and posture management.

Location: Remote

Contract Length: 5+ Months (Potential to Extend)

Key Responsibilities

• Implement Defender and XDR across Azure, M365, and on-prem.
• Integrate Defender for Endpoint, Cloud, Identity, and Office 365.
• Build detection rules and automation workflows in Sentinel/XDR.
• Conduct threat hunting, incident analysis, and forensics.
• Collaborate with SRE, DevSecOps, and SOC teams.
• Advise on Zero Trust models and compliance standards.

What You'll Need

• Hands-on experience with Microsoft Defender Suite and XDR.
• Expertise in Sentinel, Defender for Cloud/Endpoint.
• Knowledge of Azure AD, Conditional Access, Identity Protection.
• Experience in incident response and SOC operations.
• Familiarity with Logic Apps, Power Automate, KQL, MITRE ATT&CK.

Nice to Have

• Integration experience with Splunk, Palo Alto, CrowdStrike.
• Background in network security and incident automation.