ZipRecruiter

Log In

2

Remote Microsoft Defender Jobs in Raleigh, NC (NOW HIRING)

Abrigo

Cybersecurity Operator

Raleigh, NC · On-site +1

This role reports to the Director, Security Operations and is hybrid-remote based in our Raleigh ... Exposure to EDR solutions (e.g., CrowdStrike, Microsoft Defender) * Familiarity with Microsoft 365 ...

Sageworks

Cybersecurity Operator

Raleigh, NC · On-site +1

This role reports to the Director, Security Operations and is hybrid-remote based in our Raleigh ... Exposure to EDR solutions (e.g., CrowdStrike, Microsoft Defender) * Familiarity with Microsoft 365 ...

All JobsRemote Microsoft Defender JobsRemote Microsoft Defender Jobs in Raleigh, NC

Remote Microsoft Defender information

See Raleigh, NC salary details

$28.7K

$97.9K

$188.1K

How much do remote microsoft defender jobs pay per year?

As of Jun 28, 2026, the average yearly pay for remote microsoft defender in Raleigh, NC is $97,863.00, according to ZipRecruiter salary data. Most workers in this role earn between $65,600.00 and $121,500.00 per year, depending on experience, location, and employer.

What is a Remote Microsoft Defender job?

A Remote Microsoft Defender job typically involves working with Microsoft's security solutions, such as Microsoft Defender for Endpoint, to protect organizations from cyber threats. Professionals in this role monitor security alerts, investigate incidents, and implement threat prevention measures while working remotely. They may also provide guidance on best practices, configure security policies, and ensure compliance with organizational standards. This position requires strong knowledge of cybersecurity, Microsoft products, and remote collaboration tools.

What are the key skills and qualifications needed to thrive as a Remote Microsoft Defender specialist, and why are they important?

To excel as a Remote Microsoft Defender specialist, you need a strong background in cybersecurity, threat analysis, and endpoint protection, typically supported by relevant IT degrees and certifications like Microsoft Certified: Security Operations Analyst Associate. Familiarity with Microsoft Defender suite, Azure Security Center, SIEM tools, and incident response platforms is essential. Strong problem-solving, communication, and analytical skills help you effectively identify and respond to security threats while collaborating with remote teams. These competencies are crucial for proactively mitigating risks and maintaining robust security across distributed environments.

How does a Remote Microsoft Defender specialist typically collaborate with IT and security teams across different locations?

A Remote Microsoft Defender specialist works closely with both centralized and distributed IT and cybersecurity teams to monitor, analyze, and respond to potential threats. Collaboration often involves daily virtual meetings, shared dashboards, and ticketing systems to coordinate incident responses and ensure consistent security practices across the organization. Regular communication is key, as specialists must provide timely updates, share findings, and recommend actions to minimize risks. This remote structure requires strong documentation skills and the ability to work independently while remaining highly responsive to team needs.

What is the difference between Remote Microsoft Defender vs Remote Security Analyst?

AspectRemote Microsoft DefenderRemote Security Analyst
CertificationsMicrosoft Certified: Security, Compliance, and Identity Fundamentals, Microsoft Certified: Security Operations Analyst AssociateCompTIA Security+, CISSP, GIAC Security Essentials
Work EnvironmentPrimarily focused on managing Microsoft security tools and cloud security within Microsoft ecosystemsBroader security monitoring, incident response, and risk assessment across various platforms
Industry UsageUsed mainly in organizations leveraging Microsoft products and cloud servicesUsed across diverse industries requiring security monitoring and threat analysis

Remote Microsoft Defender roles focus on managing Microsoft security solutions, while Remote Security Analysts perform broader security monitoring and incident response across multiple platforms. Both roles require security certifications but differ in scope and tools used.

What are the most commonly searched types of Microsoft Defender jobs in Raleigh, NC? The most popular types of Microsoft Defender jobs in Raleigh, NC are:
What are popular job titles related to Remote Microsoft Defender jobs in Raleigh, NC? For Remote Microsoft Defender jobs in Raleigh, NC, the most frequently searched job titles are:
What job categories do people searching Remote Microsoft Defender jobs in Raleigh, NC look for? The top searched job categories for Remote Microsoft Defender jobs in Raleigh, NC are:
What cities near Raleigh, NC are hiring for Remote Microsoft Defender jobs? Cities near Raleigh, NC with the most Remote Microsoft Defender job openings:
Remote Microsoft Defender jobs near you
Infographic showing various Remote Microsoft Defender job openings in Raleigh, NC as of June 2026, with employment types broken down into 81% Full Time, 14% Part Time, and 5% Contract. Highlights an 100% Remote job distribution, with an average salary of $97,863 per year, or $47 per hour.
Cybersecurity Operator

Cybersecurity Operator

Abrigo

Raleigh, NC • On-site, Remote

Full-time

Medical, Retirement, PTO

Posted 15 days ago

Job description

We provide technology that community financial institutions use to manage risk and drive growth. Our solutions automate key processes – from anti-money laundering to fraud detection to CECL readiness to lending workflows – empowering our customers by addressing their Enterprise Risk Management needs.  

The Cybersecurity Operator sits within the Security Operations Team and is responsible for real-time monitoring, triage, and escalation of security events across corporate and cloud environments. This role serves as a frontline defender, analyzing alerts from SIEM, EDR, and email security platforms, and escalating potential threats to Cybersecurity Analysts.

This position also supports recurring security operations activities, including access reviews, phishing simulation reporting, security metrics collection, and audit support. All activities are performed in alignment with established procedures and NIST 800-61 incident response standards, ensuring consistent detection, escalation, and documentation of security events. This role reports to the Director, Security Operations and is hybrid-remote based in our Raleigh, NC office.

What You’ll Do:

Alert Monitoring & Incident Triage

  • Monitor security alerts across SIEM, EDR, and email security platforms
  • Perform first-tier triage, classifying alerts based on known behaviors, false positives, and SOPs
  • Document incidents, artifacts, and actions in accordance with NIST 800-61
  • Review email quarantine for potential threats and policy violations

Operational Security & Compliance Support

  • Conduct periodic user access reviews to validate least-privilege alignment
  • Support access recertification campaigns and track completion
  • Assist in reviewing security tooling exceptions
  • Support audits, assessments, and compliance reviews through evidence collection and validation
  • Collect and validate security metrics for leadership dashboards

Security Awareness & Phishing Program Support

  • Support execution of phishing simulation campaigns
  • Compile and analyze phishing metrics (click rate, reporting rate, credential capture)
  • Assist in preparing reports and materials for leadership review

General Security Operations Support

  • Assist investigations by gathering logs, artifacts, and supporting data
  • Conduct research on emerging threats and vulnerabilities as assigned
  • Support security awareness initiatives and onboarding logistics
  • Contribute to detection engineering improvements by identifying gaps in telemetry

What You’ll Need:

  • Associate or bachelor’s degree in cybersecurity, information security, or related field (preferred)
  • 0–2 years of relevant cybersecurity or IT experience
  • Foundational understanding of:
    • Threat detection and incident response
    • Access management and least privilege principles
    • Endpoint security and data protection
    • Network fundamentals (TCP/IP, DNS, HTTP/S)
  • Strong attention to detail and ability to follow SOPs
  • Strong written and verbal communication skills
  • Ability to collaborate effectively across teams

Preferred Qualifications:

  • Exposure to SIEM platforms (e.g., Rapid7, Splunk)
  • Exposure to EDR solutions (e.g., CrowdStrike, Microsoft Defender)
  • Familiarity with Microsoft 365 security tooling
  • Experience or exposure to AWS or Azure environments
  • Entry-level security certifications (Security+, CySA+, ISC2 CC, or similar)
What You’ll Get: 
  • Market competitive total rewards package
  • To be part of the Heart & SOUL of a winning company with an inspiring mission
  • The opportunity to Make Big Things Happen
  • Competitive salary along with full health benefits with an HSA option
  • Flexible PTO and bank holidays
  • 401(k) plan and company match

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, age, genetic trait, sexual orientation, national origin, disability status, or any other characteristic protected by law.  Abrigo is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at careers@abrigo.com with the subject line accommodation.

Apply