• Roles and Responsibilities/ Essential Functions:
• Provide recommendations for system tuning and enhancements.
• Perform log ingestion tuning.
• Approve analytic rules for specific clients from Analyst II.
• Develop new analytic rules, log parsers and workbooks.
• Utilize and support backend systems such as Microsoft DevOps, Azure Logic Apps, Azure Function Apps, Azure Service Bus and Microsoft Dynamics 365.
• Serve as a technical resource for the sales team during the sales process by answering questions and/or performing demos of SOC services.
• Develop SOAR Rules for global as well as specific clients.
• Provide security event monitoring and analysis to identify critical cyber security events for clients as directed by supervisor.
• Perform event correlation using information gathered from a variety of sources to gain situational awareness and determine the effectiveness of an observed attack.
• Serve as escalation support for SOC services including but not limited to Managed XDR, Managed EDR, Managed Security Awareness Training and Managed Vulnerability Scanning.
• Draft Standard Operating Procedures (SOPs) as directed.
• Participate in an after-hours on-call rotation.
• Provide guidance and mentoring to level I and II analysts.
• Aid with cases and customer requests when needed.
• Complete projects as assigned.

• Competencies:

• Accuracy - Strong attention to detail.

• Active Listening – Ability to actively attend to, convey, and understand the comments and questions of others.

• Adaptability – Ability to adapt to change in the workplace.

• Assertiveness – Ability to act in a self-confident manner to facilitate completion of a work assignment or to defend a position or idea.

• Coaching and Development – ability to provide guidance and feedback to help others strengthen specific knowledge/skill areas.

• Conflict Resolution – Ability to deal with others in an antagonistic situation.

• Decision Making – Ability to make critical decisions while following company procedures.

• Delegating Responsibility – Ability to allocate authority and/or task responsibility to appropriate people.

• Honesty / Integrity – Ability to be truthful and be seen as credible in the workplace.

• Innovative – ability to look beyond the standard solutions.

• Leadership – Ability to influence others to perform their jobs effectively and to be responsible for making decisions.

• Problem Solving – Ability to find a solution for or to deal proactively with work-related problems.

• Relationship Building – Ability to effectively build relationships with customers and co-workers.

• Resource Management – Ability to obtain and appropriate the proper usage of equipment, facilities, materials, as well as personnel.

• Time Management – Ability to utilize the available time to organize and complete work within given deadlines.

• Required Experience:

• 3+ years working in Information Technology

• 1+ years working with Microsoft Azure

• Experience with security tools

• Preferred Experience:

• Experience working in a SIEM product such as Microsoft Sentinel, Splunk or FortiSIEM

• Configuring and managing Microsoft Defender products

• Building and creating Parsers/threat hunting rules

• Required Skills, Education and/or Certifications:

• Associates degree in Information Technology or related field, or equivalent experience

• Microsoft AZ-500 (must be completed within 6 months of employment)

• Preferred Skills, Education and/or Certifications:

• Bachelor’s degree in Information Technology or related field

• Azure Logic Apps, Azure Function Apps, Azure Service Bus

• Microsoft DevOps

• Programming/Scripting with PowerShell, Python

• Experience with Kusto Query Language

Equal Opportunity Employer - Including Disabled and Veterans

#HBS