
MSD Cyber Defense Analytics Senior Specialist 
Romania, Bucharest 
748685126

29.06.2025

Job Description

Key Responsibilities

  • Design and Implementation: Lead the design, implementation, and enhancement of Microsoft Sentinel SOAR workflows using Azure Logic Apps, Power Automate, and custom APIs.

  • Subject Matter Expert: Serve as the SOAR engineering subject matter expert, collaborating with SIEM developers and threat detection analysts to deliver scalable, reliable, and context-rich automation solutions.

  • Tool Development: Develop tools and frameworks to improve the creation, testing, and deployment of automated playbooks and security response pipelines.

  • Cross-Functional Collaboration: Partner with cross-functional teams to gather use case requirements and integrate them into automation design, ensuring alignment with enterprise risk management priorities.

  • Technical Integration: Oversee the technical integration of log sources and data enrichment tools critical to automation and alert triage processes.

  • Backlog Management: Maintain the backlog and roadmap for SOAR use cases and automation capabilities; ensure continuous improvement through retrospectives and stakeholder feedback.

  • Workflow Maintenance: Ensure robustness and maintainability of automated workflows by applying DevSecOps principles, version control, and automated testing.

  • Performance Monitoring: Monitor and optimize SOAR solution performance metrics, including mean time to respond (MTTR), automation success rate, and system reliability.

  • Mentorship: Mentor and coach junior engineers and analysts on SOAR capabilities, coding practices, and Sentinel fundamentals to increase team-wide technical maturity.

  • Compliance Assurance: Ensure compliance with security governance, SDLC policies, and regulatory standards such as GDPR, PCI, and internal audit frameworks.

Qualifications & Experience

  • Experience: Minimum 3 years of experience in cybersecurity operations, with a strong focus on SOAR development and engineering.

  • Technical Expertise: In-depth experience with Microsoft Sentinel and Azure-based SOAR features.

  • Programming Skills: Proficient in Azure Logic Apps, PowerShell, and Python, particularly for developing automation scripts and REST API integrations.

  • Data Management: Strong knowledge of Azure Data Explorer (ADX) and familiarity with ETL processes for enrichment and correlation.

  • Integration Skills: Experience integrating third-party platforms via APIs for enhanced automation (e.g., ServiceNow, Microsoft Defender, Cribl).

  • Agile Methodologies: Solid understanding of Agile development methodologies, Jira usage, and DevSecOps pipelines.

  • Problem-Solving: Strong problem-solving skills, with the ability to independently analyze complex security issues and design effective automated responses.

  • Regulatory Knowledge: Familiarity with data privacy, compliance, and regulatory requirements (PCI, GDPR, HIPAA, etc.).

Preferred Certifications

  • Microsoft Certified: Security Operations Analyst Associate (Sentinel).

  • CISSP, CISM, or equivalent certifications.

  • Microsoft Azure Fundamentals or Security Engineer Associate.

Why Join Us?

  • Innovative Environment: Be part of a forward-thinking team that values creativity and innovation in cybersecurity.

  • Professional Growth: Opportunities for continuous learning and professional development.

  • Impactful Work: Contribute to enhancing our security posture and protecting critical assets.

Application Process

Current Contingent Workers apply




*A job posting is effective until 11:59:59 PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date.