We are seeking a SOC Operations Specialist to strengthen our cybersecurity defense and response capabilities. The role involves leading threat detection, investigation, and automation efforts using Microsoft Sentinel and Defender XDR. You'll be working closely with cross-functional teams to enhance the organization's overall security posture through advanced analytics, automation, and proactive threat hunting.
Key Responsibilities
Lead end-to-end threat detection, investigation, and response using Microsoft Sentinel & Defender XDR.
Develop and optimize KQL queries, custom analytics rules, dashboards, and automated playbooks.
Administer and maintain Sentinel environments, integrations, and connectors.
Conduct threat hunting and guide L1/L2 analysts during escalations.
Document detection logic, automation workflows, and response procedures.
Participate in Red/Blue team exercises and proactive security assessments.
Support automation, DevSecOps, and CI/CD for continuous security content deployment.
Required Skills & Expertise
6–8 years of hands-on experience in SOC operations or cybersecurity roles.
Proficiency in Microsoft Sentinel, Defender XDR, KQL, and SOAR (Logic Apps).
Strong understanding of incident response, the MITRE ATT&CK framework, and Azure cloud security.
Solid analytical and problem-solving skills with excellent documentation ability.
Strong communication and collaboration skills to work in dynamic SOC environments.
Preferred Qualifications
Certifications such as SC-200 (Microsoft Security Operations Analyst), SC-100 (Cybersecurity Architect), or AZ-500 (Azure Security Engineer) are a plus.
Operation Specialist • Kanpur, Uttar Pradesh, India