Lead Security Operations Engineer

Soni Resources is seeking a Security Operations Analyst with expertise in Microsoft security technologies to enhance our threat detection and incident response capabilities. This role involves working closely with our external SOC to deploy, manage, and optimize Microsoft Sentinel SIEM and Microsoft Defender solutions, ensuring robust security monitoring, automation, and threat mitigation.

Key Responsibilities:

• Deploy, configure, and manage Microsoft Sentinel SIEM for enterprise security monitoring.
  
• Develop custom log ingestion from Microsoft and third-party sources.
  
• Create and optimize Kusto Query Language (KQL) queries for threat detection and hunting.
  
• Manage and enhance Microsoft Defender configurations across Endpoint, Identity, Office 365, and Cloud.
  
• Implement Microsoft Defender for Cloud to secure Azure workloads.
  
• Develop automation rules and workflows to improve alert accuracy and SOC efficiency.
  
• Support Windows security hardening and incident response processes.
  

Qualifications & Skills:

• 4+ years of experience in Security Operations (SecOps) or SOC.
  
• Strong expertise in Microsoft Sentinel SIEM, Defender suite, and security analytics.
  
• Hands-on experience with KQL queries, log ingestion, and automation.
  
• Knowledge of Windows security architecture, Active Directory, and Group Policy.
  
• Familiarity with the MITRE ATT&CK framework and common attack techniques.
  
• BA/BS degree or equivalent experience.
  

Preferred Certifications:

• Microsoft SC-200 (Security Operations Analyst)
  
• Microsoft AZ-500 (Azure Security Technologies)
  

#SoniTech