Senior Consultant-SOC L3-Incident Response

• Incident Detection and Response:
  Lead the investigation of high-priority security incidents, leveraging Azure Sentinel SIEM, Splunk , Microsoft Defender for Endpoint, and other security tools. Perform deep-dive investigations into security incidents, determine the root cause, and guide the team in remediation efforts.

• Security Monitoring:
  Use Azure Sentinel to create and refine custom detection rules to identify new threats. Monitor and validate alerts from Microsoft Defender for Endpoint to identify endpoint security threats, such as malware, ransomware, and advanced persistent threats (APTs).

• Incident Documentation Reporting: Document security incidents, including timelines, actions taken, and outcomes, and create comprehensive post-incident reports.

• Collaboration Guidance: Collaborate with other SOC team members, IT teams, and external vendors to resolve security incidents. Provide mentorship and guidance to junior analysts (L1/L2) and assist in training on incident response procedures and tool usage.

• Forensic Analysis and Threat Hunting: Perform forensic analysis on compromised systems to understand the full scope of an attack and ensure containment. Conduct proactive threat hunting activities within the environment using Microsoft Defender for Endpoint and Azure Sentinel to identify indicators of compromise (IOCs).

• Security Posture Improvement: Contribute to the improvement of security monitoring and incident response processes, and help refine security procedures to prevent future incidents.

• Administer and optimize Azure Sentinel and Microsoft Defender for Endpoint configurations to maximize threat detection and incident response capabilities.

• Stay up-to-date with the latest threat intelligence and security trends and ensure tools and strategies evolve with emerging threats.

Sales:

Copyrights 2025 All Rights Reserved by Aujas.