Security Operations Specialist - Bellevue, United States - WaferWire LLC

    Description

    Role Title: Security Operations Analyst Tier 3

    Duration: Long-Term

    Location: Bellevue, WA (Onsite)

    Description:

    Our client is rapidly building a talented and diverse team to tackle complex health and technical challenges. We are seeking candidates inspired by the opportunity to securely apply data in the development of real-world health solutions. Beyond core capabilities, we are seeking problem solvers, passionate and collaborative teammates, and those willing to roll up their sleeves while making a difference. We do things the right way. Our commitment to security and compliance assurance cannot be stressed enough. This position is critical to ensuring we are successful.

    The successful candidate will design, implement, and support solutions that support the company's Digital Workplace strategy. They will work on leading-edge technologies that help modernize endpoint management by leveraging the cloud to quickly deliver end-user improvements.

    Responsibilities:

    • Conduct in-depth analysis and investigation of security alerts and incidents within the Azure environment using Microsoft Azure Sentinel and other pertinent tools.
    • Lead the triage process, distinguishing between potential incidents, false positives, and benign activities with a focus on Azure-specific threats.
    • Thoroughly document and analyze incidents, ensuring accuracy and completeness for further analysis and reporting.
    • Execute advanced incident handling procedures leveraging Azure's security tools and features, with a focus on containment, eradication, and recovery.
    • Provide mentorship and guidance to Tier 1 and Tier 2 analysts on complex incidents and advanced investigation techniques.
    • Escalate critical or complex incidents to appropriate stakeholders, including management and other teams for further investigation and resolution.
    • Proactively identify security gaps and recommend enhancements to security controls and processes within the Azure environment.
    • Stay abreast of emerging threats, vulnerabilities, and security technologies through continuous learning and participation in training sessions.
    • Collaborate closely with cross-functional teams and stakeholders to ensure a coordinated and effective response to security incidents.

    Key Qualifications

    • Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
    • 5+ years of experience in a SOC environment with a strong emphasis on Azure or cloud cybersecurity.
    • Proficiency in Azure cloud services, architectures, and security features, with hands-on experience in deploying and configuring security controls.
    • Demonstrated expertise in Azure Sentinel, Azure Security Center, and other Azure-native security tools, with a deep understanding of their capabilities and configurations.
    • Advanced knowledge of SIEM and SOAR platforms for incident handling and automation, coupled with experience in on-call rotation.
    • Excellent written and verbal communication skills, with the ability to effectively communicate technical concepts to both technical and non-technical stakeholders.
    • Strong customer-facing skills with a focus on providing exceptional service and support.
    • Relevant certifications such as Azure Security Engineer Associate or equivalent are highly desirable.

    Preferred:

    Relevant certifications such as Microsoft Certified: Azure Security Engineer Associate, CySA+, Sec+, CISSP, GCIH, GIAC GCIH, GCIA or CEH are strongly preferred.