Job description
SOC Analyst - SC Cleared
Skills: SOC, SIEM, Sentinel
Overview: We are seeking a skilled professional to manage data feeds, develop use cases, and fine-tune alerts in Microsoft Sentinel.
Key Responsibilities:
- Support the onboarding and ingestion of test feeds into Microsoft Sentinel for a critical government department.
- Develop, implement, and optimize detection use cases.
- Adjust alert thresholds to minimize false positives.
- Collaborate with security teams to analyse and respond to alerts.
- Continuously review and enhance detection rules and use cases.
- Assist in the creation of training materials and reporting.
Qualifications:
- Experience with Microsoft Sentinel and SIEM platforms.
- Proficiency in KQL (Kusto Query Language) for querying and alert tuning.
- Familiarity with Okta and AWS log types is a plus.
- Understanding of security logs and event types (e.g., firewalls, servers).