Company: Intellectual Capitol

Address: Columbia, SC
Form of work: Full-Time
Category: Information Technology

Job Description

Job Title: SOC Analyst - Microsoft Sentinel Specialist

Department: Cyber Security

Location: Columbia, SC (40%), Remote (60%)

Reports to: Director of Cyber Security

Objective:

To provide expert threat detection, analysis, and response to security incidents using Microsoft Sentinel. The SOC Analyst specializing in Microsoft Sentinel will leverage their knowledge of Kusto Query Language (KQL) to develop and refine queries, workbooks, and alerts to ensure the safety and security of the organization's digital assets.

Key Responsibilities:

1. Threat Detection & Response:
o Proactively monitor Microsoft Sentinel for potential security incidents and anomalies.
o Analyze, validate, and respond to detected security incidents in a timely manner.
o Escalate incidents as necessary and provide expert guidance on mitigation strategies.

2. Kusto Query Language (KQL) Mastery:
o Develop, refine, and optimize KQL queries for enhanced detection and insights.
o Train junior analysts on KQL best practices and its application in Microsoft Sentinel.

3. Incident Documentation:
o Document incidents, actions taken, and lessons learned to support continuous improvement.
o Generate reports for management detailing incident trends, statistics, and recommendations.

4. Integration & Configuration:
o Configure and integrate Microsoft Sentinel with other tools and platforms to enhance visibility and detection capabilities.
o Maintain and optimize Microsoft Sentinel connectors, playbooks, and automations.

5. Continuous Learning & Improvement:
o Stay current with emerging threats, tactics, and vulnerabilities that could impact the organization.
o Regularly review and update alerting criteria and playbooks based on evolving threats and business needs.
o Participate in tabletop exercises and red/blue team simulations to enhance response capabilities.

Minimum Requirements:

Certification:
o Microsoft Security Operations Analyst certification.

Experience:
o Minimum of 3 years of experience as a SOC Analyst.
o At least 2 years of hands-on experience with Microsoft Sentinel.

Technical Skills:
o Proficient in Kusto Query Language (KQL).
o Familiarity with Microsoft Sentinel's architecture, functionalities, and integration capabilities.
o Understanding of threat intelligence platforms and their integration with Microsoft Sentinel.

Soft Skills:
o Strong analytical and problem-solving capabilities.
o Excellent written and verbal communication skills.
o Ability to collaborate effectively with diverse teams and stakeholders.

Benefits package:

Health benefits through Client Client, Dental, Vision, Cancer, Accident, STD/LTD, Voluntary Life, Health Savings Account, Health Reimbursement Arrangement, 401(k)

Refer code: 7331573. Intellectual Capitol - The previous day - 2023-12-18 22:35
