Job Description
Key Responsibilities
Design and Implementation: Lead the design, implementation, and enhancement of Microsoft Sentinel SOAR workflows using Azure Logic Apps, Power Automate, and custom APIs.
Subject Matter Expert: Serve as the SOAR engineering subject matter expert, collaborating with SIEM developers and threat detection analysts to deliver scalable, reliable, and context-rich automation solutions.
Tool Development: Develop tools and frameworks to improve the creation, testing, and deployment of automated playbooks and security response pipelines.
Cross-Functional Collaboration: Partner with cross-functional teams to gather use case requirements and integrate them into automation design, ensuring alignment with enterprise risk management priorities.
Technical Integration: Oversee the technical integration of log sources and data enrichment tools critical to automation and alert triage processes.
Backlog Management: Maintain the backlog and roadmap for SOAR use cases and automation capabilities; ensure continuous improvement through retrospectives and stakeholder feedback.
Workflow Maintenance: Ensure robustness and maintainability of automated workflows by applying DevSecOps principles, version control, and automated testing.
Performance Monitoring: Monitor and optimize SOAR solution performance metrics, including mean time to respond (MTTR), automation success rate, and system reliability.
Mentorship: Mentor and coach junior engineers and analysts on SOAR capabilities, coding practices, and Sentinel fundamentals to increase team-wide technical maturity.
Compliance Assurance: Ensure compliance with security governance, SDLC policies, and regulatory standards such as GDPR, PCI, and internal audit frameworks.
Qualifications & Experience
Experience: Minimum 3 years of experience in cybersecurity operations, with a strong focus on SOAR development and engineering.
Technical Expertise: In-depth experience with Microsoft Sentinel and Azure-based SOAR features.
Programming Skills: Proficient in Azure Logic Apps, PowerShell, and Python, particularly for developing automation scripts and REST API integrations.
Data Management: Strong knowledge of Azure Data Explorer (ADX) and familiarity with ETL processes for enrichment and correlation.
Integration Skills: Experience integrating third-party platforms via APIs for enhanced automation (e.g., ServiceNow, Microsoft Defender, Cribl).
Agile Methodologies: Solid understanding of Agile development methodologies, Jira usage, and DevSecOps pipelines.
Problem-Solving: Strong problem-solving skills, with the ability to independently analyze complex security issues and design effective automated responses.
Regulatory Knowledge: Familiarity with data privacy, compliance, and regulatory requirements (PCI, GDPR, HIPAA, etc.).
Preferred Certifications
Microsoft Certified: Security Operations Analyst Associate (Sentinel).
CISSP, CISM, or equivalent certifications.
Microsoft Certified: Azure Fundamentals or Security Engineer Associate.
Why Join Us?
Innovative Environment: Be part of a forward-thinking team that values creativity and innovation in cybersecurity.
Professional Growth: Opportunities for continuous learning and professional development.
Impactful Work: Contribute to enhancing our security posture and protecting critical assets.
Application Process
*A job posting is effective until 11:59:59 PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date.