Research, develop, implement, and maintain detection rules and signatures to identify potential threats and anomalies.
Analyze security threats to Microsoft 365 and build monitoring components that detect them.
Collaborate with threat intelligence teams to integrate threat data and enhance detection capabilities.
Continuously improve detection methodologies and maintain up-to-date knowledge of emerging threats and attack vectors.
Conduct regular reviews and tuning of detection systems to minimize false positives and ensure high accuracy.
Develop and implement automation scripts and tools to streamline detection processes and improve efficiency.
Utilize automation frameworks to automate routine tasks and workflows related to threat detection and response.
Provide on-call support and monitor the health of production services as part of a DevOps culture.
Execute the DevSecOps approach to software delivery by designing, coding, testing, deploying, and operating components of the Microsoft 365 security monitoring system.
Requirements:
5+ years of proven experience researching and building detections and working with security information and event management (SIEM) systems.
3+ years of professional software engineering experience designing, building, and running cloud services at large scale in C#, .NET, or another high-level programming language.
Experience with automation tools and frameworks (e.g., Ansible, Puppet, Chef, Jenkins, Logic Apps, CI/CD pipelines).
Solid understanding of cybersecurity principles, threat landscapes, and attack methodologies.
Familiarity with various log sources, data formats, and log analysis techniques.
Excellent problem-solving skills and the ability to think critically and analytically.
Strong communication skills and the ability to work effectively in a team-oriented environment.
Self-learner with a passion for technology.
Must know Secure by Design principles.
Outstanding ability to communicate complex ideas and concepts to a variety of cross-group stakeholders.
Strong organization skills, a bias for action, and ability to deliver results.
Excellent ability to work efficiently, prioritize workflow, ramp up quickly, and meet demanding deadlines.