Company hidden
5 hours ago

Security Operations Center Analyst (L2) (Microsoft)

10 400 - 14 400
Work format: hybrid
Employment type: project
Grade: middle
English: B2
Country: Netherlands/Germany
Vacancy from Hirify Global, a list of international tech companies

Job description


TL;DR

Security Operations Center Analyst (L2) (Microsoft): Monitoring, detecting, and responding to security incidents for an insurance client, with an emphasis on Microsoft security technologies. Focus on triaging security alerts using Microsoft Sentinel and Defender, performing threat hunting, and refining detection rules.

Location: Hybrid (1 day per week onsite in Cologne, Germany)

Salary: €65 – €90 per hour

Company

A recruitment firm hiring for a client in the insurance sector.

What you will do

  • Monitor and triage security alerts and incidents using Microsoft Sentinel and the Microsoft Defender suite
  • Investigate security events to identify root causes and recommend remediation actions
  • Conduct proactive threat hunting activities to identify potential security risks
  • Maintain and improve detection rules, playbooks, and use cases within Microsoft Sentinel
  • Collaborate with IT and infrastructure teams to remediate vulnerabilities and security issues
  • Produce clear and concise incident reports and documentation

Requirements

  • Proven experience working as an L2 SOC Analyst or in a similar role
  • Hands-on experience with Microsoft Sentinel (SIEM) and Microsoft Defender (Endpoint, Identity, Cloud Apps, Office 365)
  • Proficiency in KQL (Kusto Query Language) for querying and detection tuning
  • Strong understanding of the security incident lifecycle and MITRE ATT&CK framework
  • Experience analyzing logs from various sources including network, endpoint, and cloud
  • Understanding of networking fundamentals such as TCP/IP, DNS, and firewalls

Culture & Benefits

  • Opportunity to work in a dynamic, security-focused environment within the insurance sector
  • Initial 6-month contract with potential for extension

Be careful: if an employer asks you to log in to their system using iCloud/Google, to send a code or password, or to run code or software, do not do it - these are scammers. Be sure to click "Report" or write to support.