Role Overview: Utilizing knowledge of security operations, incident response, and detection engineering, you will be responsible for delivering Microsoft SIEM detections and security automations.
Key Skills and Experience:
* Experience contributing to large-scale, sprint-based security automation and detection engineering projects in a SOC or Cyber Defense environment.
* Hands-on experience managing and implementing Microsoft Sentinel log sources and detection, with knowledge of Sentinel Content Hub, Sentinel Analytics, Sentinel Automation, Azure Event Hub, Azure Logic Apps, and Azure Function Apps.
* Experience with Sentinel/Analytics Rules/Logic App automations and KQL.
* At least 5 years in a technical role in security operations and/or security software development.
* Solid understanding of security operations, automation processes, detection engineering, and SIEM management.
* Experience with cloud security tools and their integration into SOC operations.
Responsibilities:
* Lead the migration of log sources into Microsoft Sentinel SIEM.
* Develop security automations, logging, and SIEM detections to enhance operational efficiency.
* Design, implement, and maintain automated workflows and playbooks for incident response, threat hunting, and vulnerability management.
* Collaborate with analysts to automate repetitive tasks.
* Work with Threat Intelligence, Incident Response, and Attack Surface Management teams to build and tune SIEM detections.
* Evaluate automation solutions for performance and scalability.
* Partner with vendors to leverage automation opportunities.
Desirable Skills:
* Vendor-specific certifications for SOAR platforms.
* Ability to develop long-term automation strategies.
* Strong communication skills to translate technical concepts.
* Meticulous focus on accuracy, reliability, and security in workflows.