KQL developer - Marshall Wolfe : Job Details

CYBER SECURITY DEVELOPER/SecOps

Are you a skilled developer with a passion for cybersecurity and automation? Join a dynamic and expanding Security Operations team dedicated to delivering top-notch security event monitoring and incident response services using Microsoft technologies. If you have a background in security operations, deployment, or software development, this opportunity could be the perfect fit to advance your career.

Key Responsibilities:

• Develop, maintain, and enhance Logic Apps and Sentinel playbooks to automate workflows within Microsoft Sentinel.
• Create and manage API integrations between Sentinel and other systems to streamline data collection and automation.
• Design and deploy automated solutions to improve the Security Operations Centre’s (SOC) efficiency.
• Collaborate with analysts and engineers to innovate automation solutions that bolster security posture.
• Continuously monitor and optimize automation tools for peak performance.

Required Experience:

• Proficiency in Microsoft Sentinel, including hands-on experience with playbooks, automation workflows, and incident response.
• Strong background in developing with Azure Logic Apps, APIs, KQL, JSON, and PowerShell.
• Technical familiarity with the Microsoft 365 suite, Defender XDR, Entra ID (Azure AD), and Azure Portal.
• Effective written and verbal communication skills.

Preferred Qualifications:

• Familiarity with automating Microsoft Teams notifications.
• Experience with the Microsoft XDR suite and automation for routine tasks such as alert enrichment and incident management.
• Microsoft certifications, particularly AZ-400 (DevOps Engineer Expert) and AZ-500 (Azure Security Engineer Associate).

For consideration, please apply with your CV!