Job Description
- 100% onsite in Saint Paul, MN
Robert Half has a client with an immediate need on their security team, specifically for someone working with Microsoft Defender. The role requires engineer- to architect-level experience with Microsoft Defender. In this role, you will use that expertise to enhance real-time security monitoring, detection, and response using the Microsoft Defender and Sentinel platforms. This is a long-term contract position that offers the opportunity to work closely with incident response teams and contribute to the organization's security operations.
Responsibilities:
- Monitor security alerts and anomalies in Microsoft Defender and Sentinel, ensuring timely identification of Indicators of Compromise (IOCs).
- Triage and enrich security events, initiating the appropriate response and escalating incidents as defined in established playbooks.
- Enhance detection capabilities by refining analytics rules, creating watchlists, and developing automated workflows using Logic Apps.
- Prepare regular, detailed reports on threat intelligence, incidents, and control recommendations.
- Mentor team members and provide guidance on improving incident response processes and playbooks.
- Update and optimize incident response playbooks to keep pace with evolving threats.
- Deliver knowledge transfer sessions to internal staff so they understand the tools and processes.
- Produce metrics demonstrating noise reduction and improved detection accuracy after tuning rules and analytics.
- Collaborate with security operations leadership to identify gaps and propose actionable solutions to improve security posture.

Anyone interested in this role should contact Robert Brommel at 612-503-4032.

Requirements:
- A minimum of 3–5 years of hands-on experience with Microsoft Defender and Sentinel in a security operations environment.
- Strong proficiency in Active Directory, Windows Server, and Windows 10 telemetry.
- Expertise in building effective detections and hunting queries, and in implementing automation within security platforms.
- Knowledge of the incident response lifecycle and familiarity with the MITRE ATT&CK framework.
- Solid understanding of Security Operations Center functions and best practices.
- Ability to analyze and interpret Windows and Active Directory telemetry to identify security threats.
- Experience creating and refining security playbooks and delivering training sessions to team members.