• Monitor and manage quarantined emails in the Microsoft Defender quarantine portal and Cortex XSOAR/XDR.
• Review, release, or block quarantined messages based on security policies and user requests.
• Investigate false positives and ensure legitimate emails are not wrongly blocked.
Threat Analysis & Incident Response:
• Analyze quarantined emails for phishing, malware, and spam indicators.
• Work with SOC teams to escalate and remediate high-risk emails.
• Investigate email headers, attachments, and links for potential threats.
• Maintain and optimize email security policies in Microsoft Defender for Office 365 and Palo Alto Cortex.
• Configure spam filters, allow/block lists, and anti-phishing rules.
• Assist in tuning security policies to improve detection accuracy.
• Coordinate with IT, security, and end users on email release requests.
• Educate employees on email security best practices.
• Work with vendors and security teams to improve email security controls.
• Generate reports on quarantined emails, false positives, and incident trends.
• Ensure compliance with email security policies and regulatory requirements.
• Document processes, playbooks, and incident handling procedures.
Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Business Development, Information Technology, and Engineering
Industries: IT Services and IT Consulting, Technology, Information and Media, and Business Consulting and Services