Tier-1 Microsoft Partner are rapidly expanding their SOC team.
They are an accredited Solutions Partner for Security alongside a solutions partner for all other 6 designations.
Huge growth plans for the team with unrivaled career progression!
Role Overview:
The Threat Detection Engineer role involves closely monitoring the evolving threat landscape, including critical vulnerabilities, threat actors, campaigns, and TTPs (Tactics, Techniques, and Procedures). This proactive approach helps anticipate new attack vectors and adjust detection strategies accordingly.
Key Responsibilities:
- Closely monitor the evolving threat landscape, critical vulnerabilities, threat actors, threat campaigns and threat actor TTPs, anticipating new attack vectors and adjusting threat hunting strategies accordingly.
- Develop and maintain a repository of SOPs, playbooks, and checklists for detection that aligns to MITRE ATT&CK TTP Hunting Framework.
- Develop and maintain a repository of detection queries stored within Azure DevOps with a CICD methodology.
- Maintaining and managing CI/CD Azure Sentinel pipelines
Experience Needed:
- Familiarity with Azure services and security features is essential. This includes understanding Azure Security Centre, Microsoft Sentinel (SIEM), and other Azure-native security tools.
- Ability to formulate hypotheses about potential threats and develop strategies to detect them. This involves writing detection queries using SIEM (Security Information and Event Management), EDR (Endpoint Detection and Response), NDR (Network Detection and Response), and host forensic tools.
- Certifications in either SC-100 or SC-200 would be beneficial
