Overview
Skills
Job Details
Position Overview
We are seeking a highly skilled Senior SOC Analyst with advanced expertise in Microsoft Sentinel, Microsoft Defender for Endpoint (MDE), Microsoft Purview, Azure Security, and the Microsoft 365 security suite. This role will lead advanced threat detection and response operations, perform proactive threat hunting, and optimize our Microsoft security ecosystem. You will also mentor junior SOC analysts, deliver actionable intelligence, and translate complex technical findings into clear, business-relevant insights.
Key Responsibilities
Advanced Monitoring & Detection Monitor, detect, and respond to threats in real time using Microsoft Sentinel, MDE, Purview, Azure Security Center, and M365 security tools.
Proactive Threat Hunting Use MITRE ATT&CK and Microsoft threat intelligence to identify and address threats before they impact operations.
Incident Investigation & Response Lead investigations into complex incidents, perform root cause analysis, and recommend remediation strategies.
Analytics Optimization Enhance Sentinel analytics rules, workbooks, dashboards, and automation playbooks to improve detection and response.
Alert Management Triage and analyze alerts, prioritize high-severity threats, escalate when needed, and ensure timely resolution.
Compliance & Risk Management Leverage Microsoft Purview for DLP, insider risk management, and compliance monitoring to meet regulatory standards.
Collaboration & Vulnerability Management Partner with IT and engineering teams to remediate vulnerabilities and strengthen security posture.
Documentation & Reporting Maintain incident documentation, lessons learned, and reports for leadership and audits.
Mentorship Coach and support junior SOC analysts to enhance team performance and knowledge sharing.
Required Qualifications
Experience 5+ years in SOC operations, including at least 3 years in a senior or lead SOC analyst role.
Technical Expertise Proven experience in Microsoft Sentinel (KQL, log analytics, rule creation, dashboards), MDE, Purview (DLP, insider risk), Azure Security (Azure AD, Conditional Access, security baselines), and M365 Security & Compliance.
Incident Response & Threat Hunting Strong knowledge of incident response, forensics, and threat hunting.
Security Automation Experience building and maintaining automation workflows (Logic Apps, SOAR, etc.).
Frameworks Familiarity with MITRE ATT&CK, cyber kill chain, and SOC playbooks.
Communication Excellent written and verbal skills to bridge technical and non-technical audiences.
Preferred Qualifications
Certifications SC-100, SC-200, SC-300, AZ-500, CISSP, GIAC (GCIA, GCED, GCIH), or equivalent.
Third-Party Integrations Experience connecting Microsoft tools with platforms like SolarWinds, Palo Alto XSOAR, etc.
Compliance Knowledge Understanding of NIST SP 800-53, IRSPub1075, PCI DSS, or similar frameworks.
Scripting & Automation Skilled in PowerShell, KQL, or similar languages.
Data Connector Management Configure and maintain integrations between Microsoft tools and external platforms.
Key Competencies
Strong analytical and problem-solving skills.
Ability to manage multiple incidents in high-pressure environments.
Proven mentoring and collaboration abilities.
Commitment to continuous learning and adapting to emerging threats.
Education & Certification Requirements
Master s degree + 3+ years in IT security OR
Bachelor s degree + 5+ years in IT security OR
High school diploma + 10+ years in IT security
Industry certifications (CompTIA Security+, SANS, ISC2, or equivalent)