Description:
He/she is responsible for building and maintaining different SIEM/XDR content libraries and perform R&D for updating the respective content registries. Interacts with the SecDevOps teams or contributes as part of the Blue Team effort to implement threat detection analytics or customer specific use cases. He/she is available to work flexible hours and may serves as a backup analyst for any potential coverage gaps to ensure business continuity.
Requirements
- Bachelor’s degree or higher in computer science or related area of study or equivalent combination of education and/or relevant work experience. MSc in relative areas is considered a plus.
- Experience in Azure Security, use of corresponding security monitoring tools and Azure Rule authoring.
- Extensive experience in Microsoft 365 security center.
- Basic understanding of legal, regulatory and compliance requirements (GDPR, PCI, HIPAA, SOX, etc.)
- Exposure and expert knowledge with content development and event correlation using SIEM tools.
- Excellent verbal and written communication skills in English.
- Problem solving skills on short timeframes and ability to “think outside the box”.
- Analytical thinking with the ability to break down a big problem into smaller chunks.
Desirable Requirements:
- Experience to analysis and investigation of incidents using Microsoft Sentinel and/or Defender products. Carbon Black and/or Crowdstrike acquaintance is considered a plus.
- Related certifications (Azure SC-200, Azure AZ-500, GCIH, GCFE, GCFA, GNFA, eCIR, CEH and/or Security+).
- Knowledge of a Threat Hunting methodology.
- Situational assessment and decision-making capabilities.