Cyber Automation
Tasks
- Administer Microsoft Sentinel and Microsoft Defender tools
- Analyze logs and telemetry for anomalous activity
- Automate incident response workflows with Logic Apps and PowerShell
- Conduct threat hunting with Sentinel analytics
- Correlate security incidents
- Deliver executive reports on threat activity and remediation
- Develop Sentinel workbooks dashboards and KQL queries
- Document incident response steps and root cause analysis
- Escalate confirmed incidents
- Identify indicators of compromise
- Integrate alerts with ServiceNow
- Maintain 247 situational awareness coverage
- Maintain asset inventories and patch metrics
- Maintain security documentation and SIEM configurations
- Monitor Defender Vulnerability Management dashboards
- Monitor security alerts and events
- Participate in internal audits and tabletop exercises
- Perform incident triage and investigation
- Perform vulnerability scans and track remediation
- Produce daily weekly SOC summaries and metrics
- Provide input to System Security Plan controls
- Recommend SOC process and escalation improvements
- Stay current on evolving threats and Microsoft security technologies
- Support CMMC Level 2 monitoring evidence collection and reporting
- Support incident containment eradication and recovery
- Tune detections to reduce false positives
- Update POA M items
- Validate patch compliance across AVD and Windows 365
- Write KQL queries and custom detection rules
Perks/Benefits
- Company-Paid Holidays
- Employee assistance programs
- Life and disability insurance
- Medical, dental, and vision insurance
- Paid time off
- Retirement savings plan
- Rotating on-call schedule
- Sick leave
Skills/Tech-stack
Active Directory | Asset Inventory | Azure Government | Conditional Access | Defender Vulnerability Management | Defender for Cloud | Defender for Endpoint | Defender for Identity | Entra ID | GCC-High | Incident Response | Intune | KQL | Kusto Query | Kusto Query Language | Log Analysis | Logic Apps | Microsoft 365 | Microsoft 365 GCC | Microsoft 365 GCC High | Microsoft Defender | Microsoft Defender Vulnerability Management | Microsoft Defender for Cloud | Microsoft Defender for Endpoint | Microsoft Defender for Identity | Microsoft Sentinel | Patch Management | Power Automate | Powershell | Query Language | SIEM | ServiceNow | Threat hunting | Vulnerability Management
Related jobs
-
Senior IT Security Associate (Engineer) USD 97K-129KAccess Management | Alerting | Deployment Playbooks | Endpoint Security | Identity and Access ManagementMid-level Full TimeHouston, TX, US6h ago
-
Senior Security Engineer USD 170K-190KAI Vendor Risk | AWS | Code review | Data Governance | Dependency security401k | Equipment provided | Equity compensation package | Flexible vacation policy | Fully remoteSenior-level Full TimeRemote (United States) R10h ago
-
Partner 20, Staff Engineer, Security Automation USD 243K-284KAI APIs | Access Management | Asset Management | Cloud Security | Compliance Evidence401k plan | Bonus programs | Dental insurance | Disability insurance | Health insuranceSenior-level Full TimeSan Francisco, California, United States16h ago
-
Information Security Analyst / Engineer USD 100K-145K800-53 | AWS | Access Management | Audit Evidence Collection | Audit evidenceSenior-level Full TimeAlpharetta, GA17h ago
-
Practice Lead, DevSecOps - Northeast region USD 110K-160KAPI Security | API security testing | Application Firewall | Brinqa | CIAMFlexible time off | Group dental insurance | Group medical insurance | Home internet allowance | Mobile phone allowanceSenior-level Full TimeRemote R18h ago
-
Manager Information Security Programs USD 160K-175KCompliance Management | Contract Management | DLP | GRC | Governance401k plan | Dental insurance | Flexible spending account | Health savings account | Life insuranceSenior-level Full TimeLos Angeles, CA18h ago
-
Staff+ Product Security Engineer USD 200K-300KAWS | Architecture Analysis | Code review | Design review | Development LifecycleCommuter benefits | Dental benefits | Flexible PTO | Health benefits | Healthy lunches provided dailySenior-level Full TimeSan Mateo, CA United States19h ago
-
Senior Incident Response Analyst (R-19347) USD 132K-195KAI Security | AWS | Azure | Carbon Black | CrowdStrike401k match | Dental insurance | Donation matching | Education assistance | Health and wellness benefitsSenior-level Full TimeCenter Valley - Pennsylvania - United …20h ago
-
Information System Security Officer (ISSO) USD 140K-160K800-53 | A and A | AFI 17-101 | AWS | Air ForceHybrid flexible work scheduleMid-level Full TimeChantilly, VA21h ago
-
Senior Staff Security Engineer, Ripple Treasury USD 220K-275KAPI Security | AWS IAM | Application Firewall | Application Security Testing | AuthenticationCatered lunches | Family planning benefits | Fully stocked kitchens | Generous vacation policy | Happy hoursSenior-level Full TimeChicago, Illinois, United States21h ago
-
Senior Staff Security Engineer, Ripple Treasury USD 232K-290KAPI Security | Application Firewall | Application Security Testing | Authentication | AuthorizationCatered lunches | Employee giving match | Family planning benefits | Flexible in-office schedule | Fully stocked kitchensSenior-level Full TimeSan Francisco, CA, United States21h ago
-
Analytic Developer/Insider Threat Analyst - Journeyman USD 115K-145KAlert triage | Behavioral analytics | C2C | Continuous Monitoring | DLPMid-level Full TimeFAIRFAX, VA, United States22h ago
-
ACAS | EMASS | Elastic | IAVM | RMFMid-level Full TimeFAIRFAX, VA, United States22h ago
-
Cybersecurity Analyst (CDAP) - Journeyman USD 102K-130KAlert triage | Continuous Monitoring | Correlation | Cybersecurity | DLPMid-level Full TimeFAIRFAX, VA, United States22h ago
-
Data Security Analyst - Journeyman USD 88K-130KContinuous Monitoring | Cybersecurity | DLP | Data Governance | Data IngestionMid-level Full TimeFAIRFAX, VA, United States22h ago
-
Network Security Analyst (CDAP) - Journeyman USD 80K-142KBoundary Connectivity | Change Management | Continuous Monitoring | Cybersecurity Policy | EDRMid-level Full TimeFAIRFAX, VA, United States22h ago
-
Defensive Cyber Engineer - Journeyman USD 110K-166KACAS | Configuration assessment | Continuous Monitoring | Control Assessment | EMASSSenior-level Full TimeFAIRFAX, VA, United States22h ago
-
Continuous Monitoring | Control System | EMASS | Event analysis | Incident ResponseMid-level Full TimeFAIRFAX, VA, United States22h ago
-
SOC Security Engineering Technician - Journeyman USD 120K-150KConfiguration baselines | Cybersecurity | Detection Systems | Detection and Response | EDRSenior-level Full TimeFAIRFAX, VA, United States22h ago
-
Compliance validation | EMASS | Endpoint Security | IAVM | Management FrameworkMid-level Full TimeFAIRFAX, VA, United States22h ago
-
SOC DMA Technician - Journeyman USD 104K-150KCTIC Reporting | Continuous Monitoring | Correlation engineering | Cyber Defense | Cybersecurity monitoringSenior-level Full TimeFAIRFAX, VA, United States22h ago
-
Security Analyst II (SOC Analyst) USD 75K-95KAttack Vector | Attack vector analysis | Digital forensics | Endpoint protection | Event analysis401k match | Disability coverage | Discretionary time off | Life insurance | Medical/Dental/Vision insuranceMid-level Full TimeCamas, WA22h ago
-
Lead Security Engineer - Artificial Intelligence USD 116K-174KAI Audit Logging | AI audit | API Security | AWS | Access ManagementSenior-level Full TimeDes Moines, IA, United States1d ago
-
Sr Consultant USD 157K-180K.NET | AWS | Access Management | Active Directory | AzureRemote work | Training materials creation | User training sessionsSenior-level Full TimeBurlington, MA R1d ago
-
IT Security Analyst USD 76K-95KAttack Vectors | Control gap assessment | Cybersecurity | Device security | Disaster RecoveryMid-level Full TimeExton, Pennsylvania, United States1d ago