Important
The English language version of this certification was updated on January
28, 2022. Please download the skills measured document on the Exam SC-200
page to see what changed.

The Microsoft security operations analyst collaborates with organizational
stakeholders to secure information technology systems for the organization.
Their goal is to reduce organizational risk by rapidly remediating active
attacks in the environment, advising on improvements to threat protection
practices, and referring violations of organizational policies to
appropriate stakeholders.

Responsibilities include threat management, monitoring, and response by
using a variety of security solutions across their environment. The role
primarily investigates, responds to, and hunts for threats using Microsoft
Azure Sentinel, Azure Defender, Microsoft 365 Defender, and third-party
security products. Since the security operations analyst consumes the
operational output of these tools, they are also a critical stakeholder in
the configuration and deployment of these technologies.