Azure Analyst - CDC

Job Description

We are seeking a skilled Azure Sentinel Logic App and Analytic Rules Engineer to join our cybersecurity team. The ideal candidate will be responsible for designing, implementing, and managing automated workflows using Azure Logic Apps and developing analytic rules within Azure Sentinel to enhance our security posture and incident response capabilities.

Responsibilities

• Design and Develop Logic Apps: Create and manage Azure Logic Apps to automate responses to security incidents detected by Azure Sentinel. This includes configuring triggers, actions, and conditions based on specific security events.
• Implement Analytic Rules: Develop and optimize analytic rules in Azure Sentinel to detect potential threats and anomalies within the environment. This involves leveraging Kusto Query Language (KQL) to create effective queries that generate actionable alerts.
• Integrate Security Logs: Streamline the integration of security logs and data sources into Azure Sentinel using Logic Apps, ensuring that all relevant security data is captured and analyzed efficiently.
• Automate Incident Response: Build automated workflows that respond to alerts generated by Azure Sentinel, including actions such as sending notifications, creating tickets, or executing remediation scripts.
• Monitor and Optimize: Continuously monitor the performance of Logic Apps and analytic rules, making adjustments as necessary to improve detection rates and reduce false positives.

Essential Skills

• Certifications in Azure, cybersecurity or related fields.
• Experience with additional security tools and technologies (e.g., firewalls, intrusion detection systems).
• This role is crucial for enhancing our security operations and ensuring a proactive approach to threat detection and response. If you are passionate about cybersecurity and have the required skills, we encourage you to apply.
• Proficiency in Kusto Query Language (KQL) for creating and optimizing analytic queries.
• Experience with Azure Logic Apps, including triggers, actions, and connectors.
• Familiarity with security frameworks and best practices, including incident response and threat hunting.
• 3+ years of experience in cybersecurity, with a focus on security operations, incident response, and SIEM platforms.
• 2+ years of hands-on experience with Azure Sentinel, including the development of analytic rules and Logic Apps.

Additional Desired Skills

• Strong verbal and written English communication
• Strong interpersonal and presentation skills
• Ability to work with minimal levels of supervision
• Willingness to work in a job that involves 24/7 operations

Education Requirements & Experience

• Bachelors in Computer Science/IT/Electronics Engineering, M.C.A. or equivalent University degree
• Minimum of 2-6 years of experience in the IT security industry, preferably working in a SOC environment
• Certifications: GCIH, CCNA, CCSP, CEH