Monitor and analyze security events across networks, systems, and endpoints.
Investigate, escalate, and respond to security incidents in a timely manner.
Collaborate with the SOC team to enhance incident response procedures.
Microsoft Security Solutions:
Manage and maintain the Microsoft Defender suite of tools, Microsoft Sentinel (formerly Azure Sentinel), and related Microsoft security services.
Implement Microsoft security configurations and policies to protect digital environments.
Conduct threat hunting and data analysis using Microsoft Sentinel, KQL, and other Microsoft tools.
Ensure compliance with security standards and best practices within Microsoft environments.
Threat Detection and Incident Response:
Conduct root cause analysis for security incidents and create actionable remediation plans.
Support threat intelligence and vulnerability management programs to proactively reduce risk.
Automate response and remediation workflows using Microsoft's security automation tools.
Security Engineering and Improvements:
Develop and fine-tune security alerts and rules to improve threat detection.
Collaborate with cross-functional teams to assess and improve security architecture.
Assist in the design and implementation of secure cloud and hybrid environments with a focus on Microsoft platforms.
Documentation and Reporting:
Maintain up-to-date documentation of security procedures and incident reports.
Generate reports on security incidents, SOC performance, and security posture improvements.
Provide recommendations to improve security operations and incident response.
Preferred candidate profile
7+ years of professional experience in a Security Operations Centre (SOC), or
5+ years of experience in a cybersecurity engineering role.
Strong hands-on experience with Microsoft security products, including:
Microsoft Defender for Endpoint, Microsoft Sentinel (formerly Azure Sentinel), and Microsoft 365 Defender (now Microsoft Defender XDR).
Knowledge of Kusto Query Language (KQL) for threat hunting and data analysis.
Familiarity with Microsoft security compliance frameworks and configurations.
Act as an escalation point for high- and critical-severity security incidents, and conduct thorough investigations to determine potential impact and understand the extent of compromise.
Practical knowledge of SIEM platforms, preferably Microsoft Sentinel, and of incident response processes.
Hunt for Indicators of Compromise (IOCs) and signs of Advanced Persistent Threats (APTs) within the client's environment.
Analyse attack patterns and adversary Tactics, Techniques and Procedures (TTPs) to identify attack methods and the attack life cycle.
Experience with a variety of security technologies, including firewalls, intrusion detection systems, EDR, XDR, SASE, SSE, email security gateways, identity and access management (IDAM), and vulnerability scanners.
Experience with security best practices, including incident response, risk assessments, and security controls.
Strong analytical and problem-solving skills with the ability to work in a fast-paced environment.
Perks and benefits
Oreta takes pride in providing a service of excellence to our customers and in looking after the employees who enable our business to succeed. The successful applicant will enjoy working in a collaborative environment in Chandigarh, India, with friendly and highly driven people (the Oreos), where ideas are always welcome and ongoing training and development are strongly encouraged. Remuneration will be negotiated based on the relevant skills and experience of the successful applicant. If you are interested in a long-term career with the potential to develop and grow with the business, and are available to start immediately, we look forward to hearing from you.