Cyber Defense Analytics Senior Specialist jobs at Msd in Romania, Bucharest

Job Description

Responsibilities

• Support the design, implementation, and maintenance of comprehensive Zscaler architecture and integration to enhance overall security.
• Assist in the implementation of Zero Trust strategies, including endpoint security, network security, cloud configuration, intrusion detection and prevention systems, and secure remote access.
• Collaborate with cross-functional teams to integrate Zero Trust principles and network security solutions into various infrastructure components, systems, and applications.
• Assist in the implementation and configuration of network security tools, ensuring proper monitoring, detection, and response capabilities.
• Stay up to date with the latest advancements and trends in Zero Trust, cloud, network security, and related technologies, and assist in evaluating their applicability to the organization.
• Collaborate with external vendors, consultants, and internal stakeholders to evaluate, implement, and manage network security solutions.
• Provide support and assistance to IT and security teams for the successful implementation and operation of Zero Trust principles and network security solutions.
• Contribute to the documentation of the Zero Trust architecture, network security implementation, and maintenance processes.

Requirements

• Advanced hands-on experience and skills with Zscaler design and deployment.
• Knowledge of Zero Trust principles, methodologies, and technologies, as well as a basic understanding of network security solutions and endpoint security.
• Familiarity with network security tools and technologies, including firewalls, intrusion detection and prevention systems (IDPS), network segmentation, and secure remote access solutions.
• Strong problem-solving and analytical skills, with the ability to learn and apply new concepts quickly.
• Good communication and collaboration skills, with the ability to work effectively in a team environment.
• Bachelor's degree in computer science, information technology, or a related field.
• Relevant certifications, such as Zscaler, CISSP, CIAM, or similar certifications are a plus.

Why Join Us?

• Competitive salary and benefits package.
• Opportunities for professional development and growth.
• A collaborative and innovative work environment.
• The chance to work with cutting-edge technologies and make a real impact in the field of cybersecurity.

Current Contingent Workers apply

*A job posting is effective until 11:59:59PM on the dayBEFOREthe listed job posting end date. Please ensure you apply to a job posting no later than the dayBEFOREthe job posting end date.

Job Description

Senior member of DS Operation working as part of a global team to support a fast-paced environment. Ensure conformance to established system architecture, security, regulations, standards and practices, and participate\drive their creation and upkeep. In addition to technical expertise must be proficient in managing projects through to completion, innovative, security focused, self-motivated and driven. The candidate will be a member of the global Tier 2 Directory Services Operations team which includes operational responsibilities across all supported LDAP compliant directory environments and core services within the organization. Good communication skills, documentation abilities and compliance experience required. Comfortable working in a team environment and able to work collaboratively with other areas in implementing solutions that secure and benefit the company. Additional technical requirements follow:

• Day to Day operation supporting multiple Active Directory forests\domains with various implementations across enterprise. Experience securing, hardening and implementing tiered concepts is required.
• Drive improvement, quality and value.
• Provided troubleshooting and root cause analysis for Active Directory-related issues, including replication failures, authentication issues, and policy conflicts
• Manage Group Policy Objects (GPOs) to enforce company-wide policies for user authentication, access control, and security.
• Oversee Active Directory security configurations, including user/group management, delegated administration, and role-based access control (RBAC).
• Ensure the availability, stability, and performance of the Active Directory infrastructure through proactive monitoring, troubleshooting, and issue resolution.
• Advanced knowledge of cloud capabilities\concepts including federation, RBAC and cloud security, Directory Synchronization (AAD Connect), Microsoft O365 and Azure AD.
• Excellent understanding and technical knowledge regarding core services including IPSEC, DNS, WINS, PKI, GPOs, replication, trusts, etc.
• Authentication services especially Kerberos and LDAP authentication protocols.
• Compliance and IT Security related best practices and processes
• Plan, configure, troubleshoot and administer Microsoft AD and underlying Operating System(s).
• PowerShell scripting experience in a large-scale environment for automation purposes and cloud connectivity.
• Experience with Quest support tools specifically Active Roles.
• Familiarity with old and modern Microsoft operating systems, server class hardware and VMWare technologies.
• Enterprise Directory experience a must.
• Experience with identity best practices, Azure roles, security, and SAAS strategies specifically around Microsoft Active Directory\Entra ID a must.
• Least privileged access concepts necessary

• Experience with Oracle products including Oracle Unified Directory (OUD) similar directory products
• RedHat Linux experience and support technical expertise
• Advanced knowledge of large networks including F5 load balancers concepts

Education Minimum Requirement:

• MSc Degree or BSc Degree or equivalent with relevant experience in Computer Science, Computer Science Engineering, or equivalent experience.

Required Experience and Skills:

• 5+ years of experience supporting large scale enterprise Active Directory environments and related services.
• Managing permissions and all other aspects of AD administration.
• Ability to provide support for Real-time events providing moderated services.
• Ability to acquire new skills in a diverse environment.
• Fluent in English, in both verbal and written communication.

Current Contingent Workers apply

*A job posting is effective until 11:59:59PM on the dayBEFOREthe listed job posting end date. Please ensure you apply to a job posting no later than the dayBEFOREthe job posting end date.

Job Description

Key Responsibilities

• Design and Implementation : Lead the design, implementation, and enhancement of Microsoft Sentinel SOAR workflows using Azure Logic Apps, Power Automate, and custom APIs.

• Subject Matter Expert : Serve as the SOAR engineering subject matter expert, collaborating with SIEM developers and threat detection analysts to deliver scalable, reliable, and context-rich automation solutions.

• Tool Development : Develop tools and frameworks to improve the creation, testing, and deployment of automated playbooks and security response pipelines.

• Cross-Functional Collaboration : Partner with cross-functional teams to gather use case requirements and integrate them into automation design, ensuring alignment with enterprise risk management priorities.

• Technical Integration : Oversee the technical integration of log sources and data enrichment tools critical to automation and alert triage processes.

• Backlog Management : Maintain the backlog and roadmap for SOAR use cases and automation capabilities; ensure continuous improvement through retrospectives and stakeholder feedback.

• Workflow Maintenance : Ensure robustness and maintainability of automated workflows by applying DevSecOps principles, version control, and automated testing.

• Performance Monitoring : Monitor and optimize SOAR solution performance metrics, including mean time to respond (MTTR), automation success rate, and system reliability.

• Mentorship : Mentor and coach junior engineers and analysts on SOAR capabilities, coding practices, and Sentinel fundamentals to increase team-wide technical maturity.

• Compliance Assurance : Ensure compliance with security governance, SDLC policies, and regulatory standards such as GDPR, PCI, and internal audit frameworks.

Qualifications & Experience

• Experience : Minimum 3 years of experience in cybersecurity operations, with a strong focus on SOAR development and engineering.

• Technical Expertise : In-depth experience with Microsoft Sentinel and Azure-based SOAR features.

• Programming Skills : Proficient in Azure Logic Apps, PowerShell, and Python, particularly for developing automation scripts and REST API integrations.

• Data Management : Strong knowledge of Azure Data Explorer (ADX) and familiarity with ETL processes for enrichment and correlation.

• Integration Skills : Experience integrating third-party platforms via APIs for enhanced automation (e.g., ServiceNow, Microsoft Defender, Cribl).

• Agile Methodologies : Solid understanding of Agile development methodologies, Jira usage, and DevSecOps pipelines.

• Problem-Solving : Strong problem-solving skills, with the ability to independently analyze complex security issues and design effective automated responses.

• Regulatory Knowledge : Familiarity with data privacy, compliance, and regulatory requirements (PCI, GDPR, HIPAA, etc.).

Preferred Certifications

• Microsoft Certified : Security Operations Analyst Associate (Sentinel).

• CISSP, CISM , or equivalent certifications.

• Microsoft Azure Fundamentals or Security Engineer Associate .

Why Join Us?

• Innovative Environment : Be part of a forward-thinking team that values creativity and innovation in cybersecurity.

• Professional Growth : Opportunities for continuous learning and professional development.

• Impactful Work : Contribute to enhancing our security posture and protecting critical assets.

Application Process

Current Contingent Workers apply

*A job posting is effective until 11:59:59PM on the dayBEFOREthe listed job posting end date. Please ensure you apply to a job posting no later than the dayBEFOREthe job posting end date.