Atlanta, GA | Full-Time | Hybrid, 3 days in office | On-Call Rotation
Leapfrog Services is seeking a SOC Security Engineer – Microsoft Defender XDR to help strengthen detection, investigation, response, and remediation across our managed client environments.
This is an experienced, hands-on technical role focused on the Microsoft Defender XDR stack, including Defender for Endpoint, Defender for Identity, Defender for Office 365, and related Microsoft security tools. You’ll help define workflows, tune detections, improve alert quality, support complex investigations, and build repeatable processes that allow our SOC to scale.
This is not a passive alert-monitoring role. We’re looking for someone who can step into an evolving environment, separate meaningful risk from noise, and help drive security work from signal to resolution.
What You’ll Do
- Own and improve Microsoft Defender deployment and detection standards across managed client environments.
- Configure, tune, and improve Microsoft Defender XDR, Defender for Endpoint, Defender for Identity, and Defender for Office 365.
- Identify Defender configuration gaps, incomplete deployments, or configuration drift and help remediate issues.
- Use Microsoft Defender Advanced Hunting and KQL to investigate suspicious activity, validate detections, and identify threats.
- Serve as an escalation resource for SOC Analysts when alerts require deeper investigation or response.
- Help improve the alert pipeline across Microsoft Defender, Arctic Wolf, and client-reported security concerns.
- Lead complex investigations involving endpoint activity, identity and authentication signals, email security events, Windows logs, and other available telemetry.
- Build attack timelines, determine scope and root cause, assess client impact, and support containment, remediation, and long-term prevention.
- Create clear internal/client-facing documentation and improve SOC playbooks, workflows, and response procedures.
- Mentor SOC Analysts on alert interpretation, investigation methodology, documentation quality, and use of Defender and Arctic Wolf tools.
- Participate in the SOC on-call rotation for urgent security incidents and escalations.
This is not an entry-level SOC role. This position is for someone with hands-on security experience who can step into an evolving environment, help improve workflows, and operate with appropriate independence.
Compensation details: 80,000-90,000 yearly salary