Syntax
POSITION SUMMARY
The Microsoft Security Specialist plays a key role in Syntax’s Global Security organization and Microsoft growth strategy by delivering Microsoft-funded security workshops, leading customer-facing advisory engagements, and supporting the design and implementation of Microsoft Security solutions.
This role is responsible for executing high-quality Microsoft Defender, Microsoft Sentinel, and Microsoft Purview workshops, enabling customers to understand their current security posture, and guiding them toward modernized, cloud-aligned solutions. The specialist will act as a trusted advisor to technical and executive audiences, participate in pre-sales conversations, and support the onboarding of customers to Syntax Managed Security Services (MDR, MSIEM, and Defender-based security offerings).
This position blends 70% customer-facing advisory/workshop leadership with 30% hands-on security engineering and implementation tasks, requiring strong communication skills and deep technical knowledge across the Microsoft Security ecosystem.
Responsibilities
Customer Workshops, Advisory & Pre-Sales
– Deliver Microsoft-funded security workshops (Defender, Sentinel, Purview) including assessments, posture reviews, capability demonstrations, and architectural recommendations.
– Lead customer conversations as a trusted advisor, clearly articulating Microsoft security capabilities, roadmap recommendations, and industry-aligned best practices.
– Engage in pre-sales activities, working with Sales, Solution Architects, and the broader Security Organisation to scope, position, and present Microsoft Security offerings.
– Conduct security environment assessments, including identity posture, endpoint protection maturity, SIEM architecture, information protection requirements, and data governance controls.
– Produce high-quality customer-facing deliverables including findings reports, architecture diagrams, remediation plans, and modernization recommendations.
– Technical Implementation & Solution Enablement
– Support technical design and deployment activities for Defender, Sentinel, and Purview solutions as part of customer onboarding to Syntax Managed Security Services.
– Assist in implementing security configurations, integrations, and detection content aligned to Microsoft best practices and customer environments.
– Contribute to use case development, analytic rule creation, and integration setup for Microsoft Sentinel.
– Support hands-on Defender for Endpoint and related Defender platform components as part of onboarding to MDR services.
– Collaborate with Security Operations and Security Engineering teams to ensure a cohesive Microsoft Security delivery experience.
– Internal Enablement & Microsoft Partnership Support
Contribute to the development of internal Microsoft-aligned content, methodologies, and templates used across workshops, pre-sales, and managed services.
– Support Syntax’s Microsoft partnership efforts by maintaining relevant certifications and enabling the organization to meet Solutions Partner for Security skilling requirements.
– Participate in knowledge sharing, training sessions, and internal communities of practice related to Microsoft – Security technologies.
Required Skills and Experience
– 5+ years of experience working with Microsoft Security technologies across Defender, Sentinel, or Purview.
– Demonstrable experience in delivering customer-facing workshops, assessments, or pre-sales engagements.
– Strong understanding of cloud security principles, Zero Trust, and Microsoft security architecture patterns.
– Hands-on experience with at least one of the following:
– Microsoft Defender for Endpoint / XDR
– Microsoft Sentinel (including KQL and analytics configuration)
– Microsoft Purview Information Protection, DLP, or Compliance
– Ability to communicate clearly and confidently to both technical and leadership-level stakeholders.
– Fluency in speaking, presenting and writing in English.
Preferred Qualifications
– SC‑200: Microsoft Security Operations Analyst (strongly preferred)
– SC‑400: Information Protection Administrator (strongly preferred)
– AZ‑500: Azure Security Engineer Associate
– SC‑300: Identity & Access Administrator Associate
– Experience supporting Microsoft-funded workshops or Microsoft Solution Assessments.
– Experience onboarding customers to managed security services.
– Familiarity with Microsoft partner program requirements or Solutions Partner for Security skilling.
– Additional ability to speak, present and write in German is beneficial.