MSD Cyber Defense Analytics Senior Specialist 

Romania, Bucharest 

748685126

Job Description

Key Responsibilities

• Design and Implementation : Lead the design, implementation, and enhancement of Microsoft Sentinel SOAR workflows using Azure Logic Apps, Power Automate, and custom APIs.

• Subject Matter Expert : Serve as the SOAR engineering subject matter expert, collaborating with SIEM developers and threat detection analysts to deliver scalable, reliable, and context-rich automation solutions.

• Tool Development : Develop tools and frameworks to improve the creation, testing, and deployment of automated playbooks and security response pipelines.

• Cross-Functional Collaboration : Partner with cross-functional teams to gather use case requirements and integrate them into automation design, ensuring alignment with enterprise risk management priorities.

• Technical Integration : Oversee the technical integration of log sources and data enrichment tools critical to automation and alert triage processes.

• Backlog Management : Maintain the backlog and roadmap for SOAR use cases and automation capabilities; ensure continuous improvement through retrospectives and stakeholder feedback.

• Workflow Maintenance : Ensure robustness and maintainability of automated workflows by applying DevSecOps principles, version control, and automated testing.

• Performance Monitoring : Monitor and optimize SOAR solution performance metrics, including mean time to respond (MTTR), automation success rate, and system reliability.

• Mentorship : Mentor and coach junior engineers and analysts on SOAR capabilities, coding practices, and Sentinel fundamentals to increase team-wide technical maturity.

• Compliance Assurance : Ensure compliance with security governance, SDLC policies, and regulatory standards such as GDPR, PCI, and internal audit frameworks.

Qualifications & Experience

• Experience : Minimum 3 years of experience in cybersecurity operations, with a strong focus on SOAR development and engineering.

• Technical Expertise : In-depth experience with Microsoft Sentinel and Azure-based SOAR features.

• Programming Skills : Proficient in Azure Logic Apps, PowerShell, and Python, particularly for developing automation scripts and REST API integrations.

• Data Management : Strong knowledge of Azure Data Explorer (ADX) and familiarity with ETL processes for enrichment and correlation.

• Integration Skills : Experience integrating third-party platforms via APIs for enhanced automation (e.g., ServiceNow, Microsoft Defender, Cribl).

• Agile Methodologies : Solid understanding of Agile development methodologies, Jira usage, and DevSecOps pipelines.

• Problem-Solving : Strong problem-solving skills, with the ability to independently analyze complex security issues and design effective automated responses.

• Regulatory Knowledge : Familiarity with data privacy, compliance, and regulatory requirements (PCI, GDPR, HIPAA, etc.).

Preferred Certifications

• Microsoft Certified : Security Operations Analyst Associate (Sentinel).

• CISSP, CISM , or equivalent certifications.

• Microsoft Azure Fundamentals or Security Engineer Associate .

Why Join Us?

• Innovative Environment : Be part of a forward-thinking team that values creativity and innovation in cybersecurity.

• Professional Growth : Opportunities for continuous learning and professional development.

• Impactful Work : Contribute to enhancing our security posture and protecting critical assets.

Application Process

Current Contingent Workers apply

*A job posting is effective until 11:59:59PM on the dayBEFOREthe listed job posting end date. Please ensure you apply to a job posting no later than the dayBEFOREthe job posting end date.