Hao Najjar

Principal Security Specialist

Brisbane · Brisbane, QLD, Australia · hao.najjar@data3.com.au

Principal Security Specialist focused on Microsoft Sentinel, Defender XDR and Zero Trust

Higher Education · Professional Services · State Government

About

Hao Najjar is a Principal Security Specialist at Data#3 with deep expertise in Microsoft Sentinel, Defender XDR, and zero-trust architecture. He has successfully led end-to-end SOC transformation programs and security architecture engagements across state government, higher education, and professional services sectors. With over 16 years of industry experience, Hao holds SC-100 and CISSP certifications and is recognised for translating complex security requirements into practical, measurable outcomes.

Experience

  1. 2022-03 — Present
    Current
    Principal Security Specialist
    Data#3

    Leads complex security architecture and transformation programs with a focus on the Microsoft security stack and zero-trust principles.

    • Architected and delivered two full SOC build programs from requirements through to operational handover
    • Leads pre-sales and delivery for Microsoft Sentinel and Defender XDR engagements
    • Advises CISO-level clients on zero-trust roadmap and implementation
  2. 2018-06 — 2022-02
    Senior Security Consultant
    Deloitte

    Provided security consulting services to government and education clients with a focus on cloud security and SOC maturity.

    • Designed security architectures for two major Queensland Government departments
    • Led SOC maturity assessments and transformation roadmaps
  3. 2015-01 — 2018-05
    Cyber Security Architect
    The University of Queensland

    Responsible for enterprise security architecture and incident response within a large higher education environment.

    • Implemented Microsoft Sentinel as the central SIEM platform
    • Developed zero-trust network access strategy adopted across the university
  4. 2009-02 — 2014-12
    Security Analyst
    PwC Australia

    Began career in professional services performing security assessments, penetration testing and compliance work.

    • Conducted numerous security risk assessments for ASX-listed clients
    • Developed foundational SIEM deployment playbooks still used internally

Projects

  1. SOC Transformation Program
    2023-05 — 2024-06
    Queensland Department of Education · State Government · as Lead Security Architect

    Designed and implemented a modern 24x7 SOC that reduced mean time to detect from 48 hours to under 4 hours and consolidated three legacy SIEM platforms.

    Microsoft Sentinel · Microsoft Defender XDR · Azure Logic Apps · Kusto Query Language · Microsoft Entra ID
  2. Zero Trust Architecture Implementation
    2022-08 — 2023-04
    University of Melbourne · Higher Education · as Principal Consultant

    Delivered a comprehensive zero-trust framework adopted across 85,000 users, resulting in a 62% reduction in successful phishing incidents within the first year.

    Microsoft Defender for Cloud · Azure AD Conditional Access · Microsoft Sentinel · Palo Alto Networks · Zero Trust principles
  3. Microsoft Sentinel SOC Build
    2021-11 — 2022-07
    Queensland Health · State Government · as Security Lead

    Built and operationalised a centralised security operations centre handling over 18 billion events per month, improving threat detection coverage by 74%.

    Microsoft Sentinel · Defender XDR · Azure Monitor · Log Analytics · Power BI
  4. Defender XDR and Sentinel Migration
    2020-09 — 2021-06
    KPMG Australia · Professional Services · as Technical Architect

    Migrated a legacy SIEM to the Microsoft Sentinel platform, reducing licensing costs by 41% while increasing automated response actions from 12% to 68% of incidents.

    Microsoft Defender XDR · Microsoft Sentinel · Azure Lighthouse · Entra ID · SOAR automation
  5. Cloud Security Posture Management
    2019-03 — 2019-12
    Griffith University · Higher Education · as Senior Security Consultant

    Implemented continuous security posture management across a multi-cloud environment, remediating over 1,200 high-severity misconfigurations and achieving a 94% compliance score.

    Microsoft Defender for Cloud · Azure Policy · Sentinel · Terraform · CIS Benchmarks
  6. Incident Response Capability Enhancement
    2017-06 — 2018-02
    Department of Transport and Main Roads (QLD) · State Government · as Incident Response Lead

    Developed and tested comprehensive incident response playbooks that reduced average breach containment time by 65% during simulated exercises.

    Microsoft Sentinel · Defender for Endpoint · Azure AD · Power Automate · MISP