Ref: #63537

SOC Engineer – Detection Rules Developer (Azure Sentinel)

Position: SOC Engineer – Detection Rules Developer (Azure Sentinel)
Location: Paris
Remote working: 2 days per week on site

About Us
My client is seeking a skilled SOC Engineer to enhance their security posture by developing detection rules in the Azure Sentinel environment and Microsoft 365.
Role Overview
As a SOC Engineer specializing in detection rules, you will focus on leveraging Kusto Query Language (KQL) to create robust detection mechanisms within Azure Sentinel and the O365 ecosystem. Your expertise will help us identify, respond to, and mitigate security threats effectively.
Key Responsibilities
  • Detection Rule Development: Design, implement, and optimize detection rules in Azure Sentinel using KQL to monitor for suspicious activities and threats in real time.
  • O365 Security Management: Develop and manage detection rules for Microsoft 365 applications, including SharePoint, Exchange, and Teams, to safeguard against threats like phishing and unauthorized access.
  • Incident Investigation: Collaborate with the incident response team to analyze alerts generated by detection rules, providing insights and recommendations for remediation.
  • Threat Intelligence Integration: Incorporate threat intelligence feeds and reports to enhance detection capabilities and proactively address emerging threats.
  • Performance Tuning: Continuously refine and tune detection rules to reduce false positives while improving detection accuracy based on evolving threat patterns.
  • Documentation and Reporting: Maintain thorough documentation of detection rules, incident investigations, and response actions, ensuring compliance and audit readiness.
  • Collaboration: Work with cross-functional teams, including IT, compliance, and network security, to ensure comprehensive security measures are in place across the organization.
Qualifications
  • Education: Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field.
  • Experience: Minimum [X years] of experience in a SOC or security engineering role, with a focus on threat detection and incident response.
  • Technical Skills:
    • Strong proficiency in Azure Sentinel and Microsoft 365 security features.
    • Expertise in Kusto Query Language (KQL) for developing detection rules and queries.
    • Familiarity with Azure cloud security best practices and frameworks.
  • Certifications: Relevant certifications (e.g., Microsoft Certified: Azure Security Engineer Associate, CompTIA Security+, etc.) are a plus.
Attach a résumé file. Accepted file types are DOC, DOCX, PDF, HTML, and TXT.