Senior SOC Engineer (Cloud Security)

Role Responsibilities:

• Administer and maintain Microsoft Sentinel workspaces across multi cloud environments.
• Configure and manage Sentinel data connectors.
• Automate incident response workflows using Logic Apps and Sentinel playbooks.
• Develop and optimize KQL queries for log analytics and threat hunting.
• Implement custom rules| alerts| and analytics for proactive detection.
• Ensure seamless ingestion of telemetry from diverse cloud services.
• Automate repetitive SOC tasks to enhance operational efficiency.
• Manage Sentinel dashboards and reporting for SOC visibility.
• Troubleshoot connector issues and optimize ingestion pipelines.
• Collaborate with cloud teams to secure Azure and hybrid workloads.
• Document automation processes| playbooks| and connector configurations.
• Provide guidance on Sentinel best practices and cloud security posture.
• Proficient in Microsoft 365 administration and security configurations.
• Strong communication and collaboration skills Provide technical guidance for clients| team members and stakeholders on Microsoft Purview capabilities and best practices Contribute to continuous improvement of SOC automation and administration processes.
• Resolves customer issues through problem solving| collaboration| and research.
• May take escalated issues as needed.
• Documents technical work and research.
• Performs in-depth product troubleshooting and remediation when needed.
• Collaborates on cross-team and cross-product technical issues by working with resources from other groups as needed to resolve moderately complex customer issues

Keywords/Essential Skills:

• OT SOC operations
• Microsoft Sentinel administration
• automation with Logic Appsplaybooks
• cloud security (Azure AWS)
• KQL
• Microsoft Sentinel
• Microsoft Defender (for Endpoint Cloud Identity)
• Azure Security Center
• Office 365 Security Compliance
• Power Automate Logic Apps for automation