Job Title

Job Duties:- Escalation and investigation of complex or high-severity security incidents. - Utilize advanced KQL queries for threat hunting, log analysis, and incident investigations in Microsoft Sentinel. - Support cloud SIEM operations, focusing on use case optimization and rule tuning. - Collaborate with architects and security partners to develop and refine correlation rules. - Design and implement new SOC SIEM use cases based on customer requirements. - Develop and maintain standard operating procedures for incident response and escalation. - Optimize KQL queries and data connectors to improve SIEM performance and data quality. - Provide feedback to enhance monitoring rules, detection logic, and response playbooks. - Prepare daily, weekly, and monthly security reports for management. - Update and improve SOC runbooks and automated playbooks and troubleshooting. - Stay updated on emerging threats and security best practices using public cybersecurity resources. - Perform additional SOC-related duties as required.Education- Bachelor’s Degree with a major in Information Technology or Computer Science, preferredExperience- Four (4) or more years of experience working in a Security Operations Center (SOC) or similar analyst role, required - Two (2) or more years of hands-on experience with Microsoft Sentinel and Azure Log Analytics, required - Three (3) or more years of experience in information security, cybersecurity, systems, or networking, required - Proven ability to prioritize security incidents, analyze and develop effective solutions, and escalate issues appropriately in a fast-paced environment, preferred - Two (2) or more years of experience with cloud security technologies such as Microsoft Defender for Cloud, Microsoft Defender for Cloud Apps, Azure Network Security, or Entra Permission Management, preferred - Prior experience using help desk ticketing systems and service desk management tools, preferred.