What you’ll do

• Threat Monitoring and Detection: Continuously monitor security alerts, events, and potential threats using Microsoft Sentinel and other security systems.
• Incident Response: Respond to and investigate security incidents, providing mitigation strategies and remediation actions.
• Vulnerability Management: Assist in identifying vulnerabilities in systems, networks, and applications, and propose appropriate fixes.
• Microsoft Entra ID: Manage and monitor identity security within the Microsoft Entra ID ecosystem, including authentication mechanisms, identity lifecycle management, and access control.
• Network Security: Analyze and troubleshoot network traffic for anomalies, unauthorized access, and potential security breaches.
• Linux Systems Security: Perform security hardening and troubleshooting on Linux servers, monitoring logs for suspicious activities.
• Log Analysis with Microsoft Sentinel: Review and analyze logs from Microsoft Sentinel, firewalls, and IDS/IPS to identify potential threats or indicators of compromise.
• Collaboration: Work closely with other team members, including Red Team counterparts, to strengthen organizational security posture and contribute to security exercises.
• Documentation: Create and maintain detailed reports and incident documentation for post-incident reviews and compliance purposes.
• Continuous Improvement: Stay up-to-date with the latest security trends, technologies, and best practices.

Profile and Skills

• Microsoft Entra ID Expertise: Strong understanding of identity and access management concepts within Microsoft Entra ID (formerly Azure AD), including multifactor authentication (MFA), conditional access policies, and privilege management.
• Experience with Microsoft Sentinel: Proficiency in using Microsoft Sentinel for log analysis, threat detection, and responding to security events.
• Kusto Query Language (KQL): Strong proficiency in KQL for querying and analyzing data within Microsoft Sentinel or other tools in the Azure ecosystem.
• Networking Knowledge: Solid understanding of networking concepts such as TCP/IP, DNS, firewalls, VPNs, and how they relate to security monitoring and threat detection.
• Medium Linux Skills: Experience with Linux operating systems, including command-line proficiency, scripting, and the ability to monitor logs and secure systems.
• Experience with Security Tools: Experience using security monitoring tools such as Microsoft Sentinel, IDS/IPS, endpoint detection and response (EDR), and firewalls.
• Analytical Skills: Strong attention to detail and ability to analyze logs, network traffic, and security events for potential risks.
• Communication Skills: Excellent verbal and written communication skills for incident documentation, reports, and interaction with different teams.
• Team Player: Collaborative mindset, able to work with cross-functional teams to strengthen the organization’s security posture.