We are seeking a highly skilled Senior SOC Analyst with 6–7 years of hands-on experience in Security Operations, including expert-level proficiency in Microsoft Sentinel. This role demands deep technical knowledge in deployment, integration, configuration, and management of Sentinel within complex enterprise environments. The ideal candidate will serve as a security lead within the SOC, providing guidance on advanced threat detection, investigation, and response.
Ready to apply for roles like this?
Unlock the company name and direct application link. Subscribers get instant access to fresh jobs across Dubai, Abu Dhabi and Riyadh, many with visa support.
Unlock employer & apply directly
Key Responsibilities:
- Lead the end-to-end deployment and configuration of Microsoft Sentinel in hybrid and cloud environments.
- Manage and fine-tune Sentinel components: Data connectors, Analytics Rules, Workbooks, Playbooks, and Automation Rules.
- Drive advanced threat detection and incident response activities across enterprise systems and networks.
- Perform in-depth log analysis, KQL scripting, and correlation rule development to detect anomalies and potential threats.
- Conduct proactive threat hunting using Microsoft Sentinel and integrated threat intelligence feeds.
- Provide technical leadership to SOC L1/L2 teams, including mentoring, escalation support, and playbook development.
- Collaborate with IT, cloud, and security teams to improve overall security posture and ensure Sentinel integrates effectively with other security tools.
- Prepare and present technical reports, incident documentation, RCA reports, and recommendations to leadership.
- Continuously evaluate and improve Sentinel configurations based on emerging threats and best practices.
Required Qualifications & Skills:
- Bachelor’s Degree in Computer Science, Cybersecurity, Information Technology, or a related field.
- 6 to 7 years of experience in a Security Operations Center, including at least 2+ years of dedicated experience with Microsoft Sentinel.
- Proven expertise in Microsoft Sentinel deployment, customization, and day-to-day operations.
- Proficient in KQL (Kusto Query Language) for advanced log analysis and threat hunting.
- Strong understanding of Azure Security tools (Microsoft Defender for Cloud, Defender for Endpoint, Azure Log Analytics, etc.).
- In-depth knowledge of incident response methodologies, threat analysis frameworks (e.g., MITRE ATT&CK), and cyber kill chain.
- Experience with SIEM-SOAR integrations, automation playbooks, and real-time alerting systems.
- Familiarity with regulatory standards such as ISO 27001, NIST, GDPR, etc.
- Relevant certifications preferred: SC-200, AZ-500, CISSP, GCIA, GCIH, or similar.
