The Role
We are looking for a SecOps Engineer with broad knowledge of and experience in security monitoring solutions, in particular Azure Sentinel: someone who knows how to collect relevant log events from different sources, maintain SIEM and SOAR platforms, build analytics rules, and integrate different solutions and automation.
The consultant will contribute to and drive the improvement of the effectiveness and efficiency of the customer's security detection capabilities, mainly based on the analysis of security events and incidents and on input from business partners, service providers and other external sources.
Key Responsibilities
- Integrate various security solutions with Azure Sentinel, other Microsoft products and the SOAR platform
- Onboard new data sources to the Azure Sentinel platform from a wide variety of sources
- Maintain and optimize the Azure Sentinel platform, including data ingestion and workspace configuration
- Develop and implement analytics rules to detect security threats and anomalies
- Develop and maintain security incident response runbooks
- Help build playbooks for the SOAR platform to automate tasks
- Take part in the triage and resolution of security events
Requirements
- Several years of experience in an operational security function as part of a Security Operations Team
- Excellent knowledge of information security technologies and how to integrate them with one another
- Expert in the Microsoft Security suite, including Sentinel and Defender for Endpoint, covering data source onboarding, platform maintenance, rule building and automation
- Experience with other security tools and platforms
- Strong knowledge of technical aspects of operating systems, virtual environments, cloud platforms and networking protocols
Start: As soon as possible
Duration: Long term
Location: Copenhagen 2 days/week, otherwise remote
Scope: 80-90% of full time