Security Analyst with Azure Sentinel

Sofia, 1 Kukush St., Building 7, Floor 4, Bulgaria


Strength. Care. Growth

Did you know that A1 Bulgaria is working on international projects as well?
Our wide portfolio has long since grown beyond telecom services, and we now offer digital solutions to millions of corporate, public, and private customers.
State-of-the-art technology, the latest innovations, and extremely talented professionals in various areas help us deliver best-in-class products, services, and customer experience.

You’ll know A1 Bulgaria is the right place for you if you are driven by:

  • Opportunities to learn and build your career;
  • Meaningful work in a stable and fast-paced company;
  • Diversity of people, projects, and platforms;
  • A supportive, fun, and inspiring place to work.

Would you like to join us?

Aleksandra Georgieva is looking for a new team member.

Your daily routine would include:

  • Monitoring and triaging alerts and incidents in Azure Sentinel and Microsoft Defender ecosystems;
  • Performing structured initial investigations such as event timeline reconstruction, IOC validation (IP reputation, URL check, hash analysis), host and user context enrichment;
  • Implementing guidelines and SOPs during incident triage, while suggesting improvements when gaps are identified;
  • Documenting all findings, triage steps, and decisions in the ticketing platform;
  • Supporting knowledge transfer through shift handovers and team briefings;
  • Participating in training sessions and continuously updating technical skills based on the SOC’s evolving needs;
  • Contributing to Sentinel detection rule suggestions or automation guides based on recurring false positives.

We’ll know you can make it if you have:

  • Solid understanding of Azure Sentinel operations, including alert triage, incident investigation, and the use of workbooks and hunting queries;
  • Hands-on experience with Microsoft Defender for Endpoint, Defender for Identity, and Defender for Office 365;
  • Understanding of security event types such as authentication anomalies, endpoint threats, network detection alerts, and email security threats;
  • Competence in incident triage and initial investigation steps, including basic correlation of events and IOC enrichment;
  • Familiarity with ticketing systems (e.g., ServiceNow) for incident lifecycle management;
  • Working knowledge of core security concepts: SIEM, EDR, IOC, MITRE ATT&CK, threat intelligence basics;
  • Ability to prioritize and manage multiple alerts/incidents during peak periods;
  • Availability for on-call duty per schedule;
  • Certifications such as Microsoft SC-200, SC-900, or equivalent training paths are a plus.

Our gratitude for the job done will be eternal, but we’ll also offer you:

  • Innovative technologies and platforms to “play” with;
  • Modern working environment for your comfort;
  • Friendly, ambitious, and motivated teammates to support each other;
  • Thousands of online and in-person learning opportunities to grow;
  • Challenging assignments and career development opportunities in a multinational environment;
  • Attractive remuneration package;
  • Flexible working schedule and opportunity for home office;
  • Numerous additional goodies, including, but not limited to, free A1 services, discounts, health insurance and services, a sports center, childcare, team and family events, etc.

You want to learn more? See us in action in our A1 Blog.
Sounds good? Apply now!
Deadline for applications: 28 May 2025
Only shortlisted candidates will be contacted.
Any questions? Contact Diana Panteleeva.

Tags: Automation Azure EDR MITRE ATT&CK Monitoring Sentinel SIEM SOC Threat intelligence

Perks/benefits: Career development Flex hours Health care Team events

Region: Europe
Country: Bulgaria
