SOC Analyst - SC Cleared
Posted 4 hours 20 minutes ago by Stott and May
Skills: SOC, SIEM, Sentinel
Overview: We are seeking a skilled professional to manage data feeds, develop use cases, and fine-tune alerts in Microsoft Sentinel.
Key Responsibilities:
Support the onboarding and ingestion of test feeds into Microsoft Sentinel for a critical government department.
Develop, implement, and optimize detection use cases.
Adjust alert thresholds to minimize false positives.
Collaborate with security teams to analyse and respond to alerts.
Continuously review and enhance detection rules and use cases.
Assist in the creation of training materials and reporting.
Qualifications:
Experience with Microsoft Sentinel and SIEM platforms.
Proficiency in KQL for querying and alert tuning.
Familiarity with Okta and AWS log types is a plus.
Understanding of security logs and event types (e.g., firewalls, servers).