Position: Full-Time
Location: Remote (Pacific Time Hours)
Start Date: ASAP
Duration: Six Months
Nationality: ANY
Windows Management Experts (WME) is looking for a motivated and experienced Azure SOC SME Engineer to join one of our client companies. The candidate should have at least 2-3 years of experience with Azure Security Operations support, integrating Sentinel and Log Analytics workspaces with on-premises Splunk, QRadar, SOAR platforms, and EDR. You will also support correlation rule engineering and build automation and playbooks in Azure.
In addition, you will work with client SOC engineers on endpoint detection. You must have strong knowledge of Azure Defender, CSPM services, Sentinel, and monitoring analytics so that you can support incident response for Azure Cloud.
The candidate should have strong expertise in Azure Resource Manager (ARM) templates and PowerShell scripting to automate deployment and management tasks. They should also be familiar with Azure DevOps for continuous integration and deployment.
They should also have experience with Azure security and compliance, including Azure Security Center, Azure Active Directory, and Azure Information Protection, and be able to design and implement secure Azure architectures, conduct security assessments, and implement security policies and procedures.
Lastly, the successful candidate will be a self-motivated individual who can work effectively in dynamic conditions and within deadlines. The preferred candidate should expect to work 40 hours per week and should be flexible enough to work part-time hours as well.
Required Skills/Qualifications/Education:
- A bachelor’s degree from an accredited college/university with major coursework in Computer Science, Software Engineering, or Information Technology.
- Certifications: Azure Security Operations and/or Azure Security Architect and/or Azure Security
- GCP Security Command Center integration with Azure Sentinel.
- Splunk and QRadar expertise.
- Ability to support GCP alerting and incident response.
- Proficient in designing, implementing, and managing Azure Security Center policies and recommendations for continuous security monitoring.
- Extensive experience in utilizing Azure Sentinel to detect, investigate, and respond to security incidents and threats within Azure environments.
- Strong understanding of Azure Active Directory (AAD) and its integration with Azure Security Center for effective identity and access management.
- Familiarity with Azure Defender, including configuring and fine-tuning threat protection across Azure resources such as virtual machines, containers, and databases.
- Expertise in leveraging Azure Log Analytics and Azure Monitor to collect, analyze, and visualize security logs and telemetry data for proactive threat hunting and incident response.
- Hands-on experience with Azure Key Vault for securely storing and managing cryptographic keys, secrets, and certificates used in Azure services and applications.
- Proficient in implementing Azure Resource Manager (ARM) templates and Azure Policy to enforce security controls and compliance requirements across Azure subscriptions and resource groups.
- Knowledge of Azure Virtual Network (VNet) architecture, including implementing network security groups (NSGs), Azure Firewall, and Azure DDoS Protection for securing network traffic.
- Familiarity with Azure Bastion and Azure Private Link for secure remote access to Azure virtual machines and services, minimizing exposure to the public internet.
- Strong understanding of Azure Security Center’s integration with third-party security solutions such as antivirus, SIEM, and IDS/IPS systems to enhance threat detection and response capabilities.
Responsibilities of the Desired Azure SOC SME Engineer:
- Collaborate with cross-functional teams to design, implement, and maintain an effective Azure Security Operations Center (SOC) infrastructure.
- Develop and maintain security monitoring use cases, rules, and alerts within Azure Sentinel to detect and respond to potential security incidents.
- Conduct regular security assessments and vulnerability scanning of Azure environments, identifying and remediating any security gaps.
- Lead incident response efforts by analyzing security incidents, coordinating with relevant teams, and implementing necessary containment and remediation actions.
- Conduct threat-hunting activities using advanced techniques and tools to proactively identify and mitigate security threats within Azure environments.
- Create and maintain comprehensive documentation of Azure SOC processes, procedures, and standards to ensure consistent and efficient operations.
- Assist in the development and implementation of security awareness and training programs to educate users on secure Azure usage and best practices.
- Collaborate with Azure infrastructure and application teams to ensure secure design and configuration of Azure resources in alignment with security requirements.
- Participate in security incident investigations, including root cause analysis, to identify systemic issues and recommend appropriate preventive measures.
- Monitor and respond to security alerts and events generated by Azure Security Center, Azure Sentinel, and other security tools.
- Conduct regular security log analysis and auditing to identify suspicious activities, potential security breaches, and compliance violations.
- Contribute to the development and maintenance of security incident response plans, playbooks, and runbooks.
- Work closely with third-party vendors and security partners to evaluate and implement integrations between Azure SOC tools and external security solutions.
- Provide technical guidance and mentorship to junior team members.
Core Values:
- Integrity (Doing What’s Right)
- Inclusion (Encouraging Diversity)
- Teamwork (Working Together)
- Excellence (Being Your Best)
- Accountability (Taking Personal Responsibility)
Disclaimer:
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.