Security Analyst II

October 26


ProArch

Machine Learning • Digital IT Strategy • Big Data • Microsoft Solutions • Agile Transformation

201 - 500

Description

• ProArch is a global IT consulting firm providing Security, Data, Application Dev, and Cloud services.
• Responsible for monitoring, detecting, and responding to security incidents using M365 security technologies and Microsoft Sentinel.
• Play a critical role in improving security operations while creating and refining use cases and detection rules.
• Handle technical escalations from junior SOC Analysts and ensure quality SOC Monitoring and Response adhering to SLAs.
• Identify improvements and gaps within the SOC operations and create standard operating procedures.

Requirements

• Act as an escalation point for Tier 1 analysts, handling more complex security incidents and alerts.
• Investigate, triage, and respond to security incidents detected through the SOAR / SIEM and other security monitoring tools.
• Perform in-depth analysis of incidents and recommend containment and remediation actions.
• Lead containment and remediation efforts for security incidents.
• Develop, test, and fine-tune detection rules and use cases based on log sources, threat intelligence, attack patterns, and client requirements.
• Identify emerging threats and incorporate them into use cases for alerts and detections.
• Optimize and refine alert thresholds and logic to minimize false positives and enhance detection accuracy.
• Leverage expertise in Microsoft 365 Defender/Defender XDR, Microsoft Defender for Endpoint, Defender for Office 365 and Entra ID Protection to improve overall threat detection and response.
• Conduct proactive threat hunting to identify unknown threats across endpoints, identities, and network traffic using available tools and log sources.
• Analyze security logs and telemetry data for signs of compromise, anomalous activities, or malicious behavior.
• Perform root-cause analysis for security incidents and provide actionable insights to improve security posture.
• Prioritize work effectively and handle shifting priorities professionally.
• Work closely with cross-functional teams (IT, Cloud Operations, Application Development) to mitigate security risks and improve incident response capabilities.
• Create detailed reports and post-incident analysis to communicate findings and recommendations to technical and non-technical stakeholders.
• Contribute to continuous improvement of SOC processes, including SOPs, playbooks, runbooks, and escalation procedures.
• Stay updated with the latest threat landscape, vulnerabilities, and attack methods.
• Share knowledge and insights with other SOC analysts and participate in team knowledge-sharing sessions.
• Participate in red/blue team exercises to test and improve detection and response capabilities.
