
SOC Security Engineer - Microsoft Defender XDR at Leapfrog Services, Inc.

Leapfrog Services, Inc. Atlanta, GA

JOB DESCRIPTION

Atlanta, GA | Full-Time | Hybrid, 3 days in office | On-Call Rotation


Leapfrog Services is seeking a SOC Security Engineer - Microsoft Defender XDR to help strengthen detection, investigation, response, and remediation across our managed client environments.


This is an experienced, hands-on technical role focused on the Microsoft Defender XDR stack, including Defender for Endpoint, Defender for Identity, Defender for Office 365, and related Microsoft security tools. You'll help define workflows, tune detections, improve alert quality, support complex investigations, and build repeatable processes that allow our SOC to scale.


This is not a passive alert-monitoring role. We're looking for someone who can step into an evolving environment, separate meaningful risk from noise, and help drive security work from signal to resolution.


What You'll Do

  • Own and improve Microsoft Defender deployment and detection standards across managed client environments.
  • Configure, tune, and improve Microsoft Defender XDR, Defender for Endpoint, Defender for Identity, and Defender for Office 365.
  • Identify Defender configuration gaps, incomplete deployments, or configuration drift and help remediate issues.
  • Use Microsoft Defender Advanced Hunting and KQL to investigate suspicious activity, validate detections, and identify threats.
  • Serve as an escalation resource for SOC Analysts when alerts require deeper investigation or response.
  • Help improve the alert pipeline across Microsoft Defender, Arctic Wolf, and client-reported security concerns.
  • Lead complex investigations involving endpoint activity, identity and authentication signals, email security events, Windows logs, and other available telemetry.
  • Build attack timelines, determine scope and root cause, assess client impact, and support containment, remediation, and long-term prevention.
  • Create clear internal/client-facing documentation and improve SOC playbooks, workflows, and response procedures.
  • Mentor SOC Analysts on alert interpretation, investigation methodology, documentation quality, and use of Defender and Arctic Wolf tools.
  • Participate in the SOC on-call rotation for urgent security incidents and escalations.


This is not an entry-level SOC role. This position is for someone with hands-on security experience who can step into an evolving environment, help improve workflows, and operate with appropriate independence.



What You'll Bring

  • Hands-on experience with the Microsoft security ecosystem, especially Microsoft Defender XDR and Defender for Endpoint.
  • Experience configuring, tuning, and improving Defender deployments in real environments.
  • Experience using Advanced Hunting and KQL to investigate activity, validate detections, and identify threats.
  • Strong understanding of Windows endpoints, identity-based attacks, email threats, and common attacker techniques.
  • Experience investigating and responding to real security incidents.
  • Experience working with SIEM, MDR, EDR, or similar security monitoring and response platforms.
  • Ability to separate false positives from meaningful risk and recommend appropriate action.
  • Strong written communication skills for technical documentation, incident summaries, and client-facing communication.
  • Ability to operate independently during high-severity incidents while keeping teammates, managers, and stakeholders informed.
  • Comfort working in a multi-client environment with varying configurations, priorities, and risk profiles.


Preferred Experience & Certifications

  • Experience working for an MSP, MSSP, or other multi-client security environment.
  • Experience with Arctic Wolf or other MDR platforms.
  • Familiarity with MITRE ATT&CK.
  • Experience with Defender for Identity and Defender for Office 365.
  • Experience creating or improving incident response playbooks.
  • Experience mentoring SOC Analysts or junior security team members.
  • Microsoft security certifications, such as SC-200, AZ-500, or equivalent experience.
  • CompTIA Security+, CySA+, SSCP, CISSP, CISM, or similar security certification.


Why Leapfrog?

  • Competitive salary: $80,000-$90,000, based on experience.
  • Comprehensive benefits: medical, dental, vision, life, and disability.
  • Telemedicine and wellness programs.
  • 401(k) with company match.
  • Education/certification reimbursement.
  • Mileage and expense reimbursement, when applicable.
  • Growth opportunities in a service-focused, collaborative culture.


About Leapfrog Services

Leapfrog Services is a managed IT services and cybersecurity provider serving businesses and nonprofits. Since 1998, we've believed IT should enhance business, not get in the way. We deliver technical expertise with a service-first approach - high-touch, not high-stress.


If you want to use your security expertise to protect real organizations, improve how Microsoft Defender XDR is deployed and operated, and help shape a growing SOC, Leapfrog might be the pond you're looking for!


