More jobs:
Job Description & How to Apply Below
This is a senior, hands‑on cybersecurity consulting role focused on helping customers improve and automate their Security Operations Centre (SOC) capabilities. You'll design, build, and optimise detection and response solutions across SIEM, XDR, and SOAR platforms, with a strong emphasis on detection engineering, automation, and "detection as code."
Key Responsibilities- Design, develop, and optimise detection rules for SIEM and XDR platforms, with a strong focus on Microsoft Sentinel.
- Build, maintain, and enhance SOAR automations, incident response playbooks, and workflow integrations.
- Develop high‑quality detection content using Kusto Query Language (KQL), Python, and Power Shell.
- Create and maintain detection use cases aligned with the MITRE ATT&CK framework.
- Assess customer logging and telemetry to identify visibility gaps and improve detection coverage.
- Implement and maintain Detection‑as‑Code (DaC) pipelines, ensuring security content is reusable, version‑controlled, and scalable.
- Lead customer workshops and provide strategic guidance on SOC maturity, detection engineering, and security operations best practices.
- Collaborate with engineering, onboarding, and delivery teams to integrate detections, automations, and response workflows into customer environments.
- Continuously improve detection content, automation playbooks, and operational standards to enhance SOC effectiveness and efficiency.
- Stay current with emerging threats, attack techniques, and security technologies to ensure detection capabilities remain effective.
- Proven experience designing, implementing, and engineering SIEM solutions, preferably using Microsoft Sentinel.
- Strong hands‑on expertise in Kusto Query Language (KQL) and detection rule development.
- Experience building SOAR automations using Microsoft Logic Apps, Cortex XSOAR, or comparable platforms.
- Proficiency in Python and/or Power Shell for scripting, automation, and API integrations.
- Strong understanding of detection engineering principles and the MITRE ATT&CK framework.
- Experience with leading XDR/EDR platforms, including Microsoft Defender XDR, Crowd Strike Falcon, Palo Alto Cortex XDR, or Sentinel One.
- Solid knowledge of Microsoft Azure security services, cloud‑native security, and telemetry collection.
- Experience implementing Detection‑as‑Code practices using source control and CI/CD pipelines.
- Excellent customer‑facing consulting, communication, presentation, and stakeholder management skills.
- Ability to translate business and security requirements into effective monitoring, detection, and response strategies.
- Strong analytical and problem‑solving skills, with the ability to work independently and collaboratively in fast‑paced environments.
Position Requirements
10+ Years
work experience
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×