Security Operations Center Analyst

Responsibilities

• Monitor, analyze, and triage security alerts across various customer environments.
• Rapidly respond to active attacks to mitigate risks and prevent further impact.
• Escalate incidents where a conclusive determination cannot be made (real threat or false positive).
• Perform threat detection, investigation, and response activities using Microsoft security solutions.
• Work with technologies including Microsoft Sentinel, Microsoft 365 Defender suite, and Microsoft Defender for Cloud.
• Assist in improving detection rules, monitoring processes, and incident handling workflows.
• Maintain awareness of emerging cyber threats, attack vectors, and best practices.
• Document incidents, actions taken, and recommendations for further remediation.

Requirements

• 3+ years of experience in a Security Operations Center or similar security-focused role.
• Hands-on experience with Microsoft Sentinel
• Microsoft 365 Defender products (Defender for Endpoint, Identity, Office 365, etc.)
• Microsoft Defender for Cloud (preferred)
• Strong understanding of cybersecurity concepts, including:
  • Attack vectors & common cyberthreats
  • Incident response & management processes
  • SIEM/SOAR operations
• Ability to write and interpret Kusto Query Language (KQL) queries.
• Strong analytical skills, attention to detail, and ability to work in a fast-paced environment.

Benefits

• No specific benefits listed