
Managed Services Security Operations Analyst

eGroup Enabling Technologies
Full-time
Remote
North America
$60 - $65 USD hourly

About the Company
eGroup Enabling Technologies is a nine-time winner of Microsoft's Partner of the Year Award, specializing in Modern Workplace Technologies that promote secure communication and collaboration in the Cloud. eGroup Enabling is a 100% remote organization with staff throughout the US. We are a results-focused organization with an exceptional team that consistently and effectively challenges each other to provide the best customer experience.

Job Purpose
The Managed Services Security Operations Analyst plays a critical role in protecting an organization’s digital assets by monitoring, detecting, investigating, and responding to security threats and incidents. Leveraging Microsoft’s suite of security tools, including Microsoft Sentinel, Defender for Endpoint, and Azure Security Center, the Security Operations Analyst is responsible for maintaining a secure environment, enhancing threat intelligence, and implementing best practices for incident response. This role involves close collaboration with IT and security teams to ensure proactive risk management, develop and refine detection capabilities, and ensure compliance with security policies and industry standards, thereby safeguarding organizational integrity and supporting a resilient security posture. This role will not have supervisory responsibility but will be required to work with clients and internal resources to manage their systems.

Responsibilities

  • Monitor and manage simple to complex Microsoft cloud security solutions
  • Review and update technical documents to maintain current and future cloud platforms
  • Monitor and act upon Microsoft Azure Sentinel security alerts and incidents
  • Create and maintain security incident response plans for current and future security threats
  • Validate and review Azure Sentinel connectors and integrations as directed by clients
  • Utilize and develop threat hunting queries for Azure Sentinel using KQL
  • Guide Clients and SOC while they perform remediation activities related to security events
  • Automate response and remediation activities using SOAR and Azure Playbooks
  • Provide input to continuous service improvements
  • Escalate tickets and work with vendors and partners
  • Work with other eGroup Enabling Technologies engineers and partners to grow the business and prepare for future customers’ needs

Requirements

  • Bachelor’s degree in Cybersecurity, Computer Science, or a similar field. An equivalent combination of education and experience may substitute for a degree.
  • SC-900, SC-200
  • 2+ years of relevant Managed Services and/or Consulting experience
  • 2+ years of relevant Microsoft Azure Sentinel design, support, or delivery experience
  • 2+ years of relevant Managed Security Service Provider experience
  • Experience working with SIEM tools in complex enterprise environments
  • Experience with PowerShell scripting and management of Microsoft cloud solutions
  • Experience with provisioning Azure resources and services
  • Working experience with Windows Server/Desktop OS and Active Directory
  • Knowledge of infrastructure solutions, especially in relation to Microsoft solutions, system security, enterprise directories, and cloud technologies.
  • Knowledge of current IT market challenges/initiatives (Cloud, Hybrid-Work, Mobility, BYOD)
  • Knowledge of MITRE ATT&CK techniques and writing KQL threat hunting queries
  • Knowledge of SOAR concepts and automation best practices
  • Intermediate knowledge of networking, including DNS, TCP/IP, VPN, Switches, Firewalls
  • Excellent customer service and effective verbal and written communication abilities
  • Knowledge of Azure IaaS and Azure Networking Stack
  • Knowledge of Microsoft Security Suite (Endpoint, Identity, M365, Cloud Apps)
  • Knowledge of Microsoft Endpoint Manager (Intune, Endpoint Configuration Manager)
  • Ability to obtain and maintain vendor professional certifications as necessary to achieve company/departmental goals

Preferred Qualifications (Nice to Have)

  • AZ-500, SC-300 or SC-400 Microsoft Certifications

Working Conditions

  • This role, like eGroup Enabling Technologies as a whole, is 100% remote. Candidates should have access to a productive work environment with the ability to complete work entirely on a computer. Appropriate hardware will be provided by eGroup Enabling Technologies. Access to a strong internet connection is essential.

How to Apply
Complete this survey to be considered for an interview: https://www.surveymonkey.com/r/eGroupQuestionnaire
