ZipRecruiter
We're seeking a Security Operations Analyst with hands-on experience in Microsoft's security ecosystem to help us operationalize and optimize our threat detection, incident response, and automation capabilities. You'll work directly with the Information Security Manager to build out our SOC-lite environment, respond to threats, and design workflows that scale.
This is a high-impact role for someone who thrives in a fast-paced, lean environment and wants to shape the future of security operations from the ground up.
Responsibilities
Monitor and triage alerts across Microsoft Sentinel, Defender XDR, Defender for Endpoint, and Defender for Cloud
Build and maintain KQL queries, custom analytics rules, and SOAR playbooks using Logic Apps
Integrate security alerts with Microsoft Teams, ServiceNow, or other ticketing systems
Conduct incident investigations, root cause analysis, and containment actions
Collaborate with IT and DevOps to implement Zero Trust policies, RBAC, and secure configurations
Maintain documentation for playbooks, workflows, and escalation procedures
Assist in compliance efforts related to HIPAA, ISO 27001, and FDA REMS reporting systems
Contribute to automation and process improvement across the security lifecycle
Required Qualifications
2+ years in a security operations or cloud security role
1+ years working directly with Microsoft Sentinel and Defender suite
Proficiency in KQL, Logic Apps, and Microsoft 365 Security Center
Experience with incident response, threat hunting, and alert tuning
Strong understanding of MITRE ATT&CK, Zero Trust, and cloud security principles
Excellent written and verbal communication skills
Ability to work independently and collaboratively in a lean team
Qualifications
SC-200, AZ-500, or SC-300 certification
Experience with Microsoft Purview, Intune, or Microsoft Compliance Center
Familiarity with FDA REMS systems, healthcare data workflows, or regulated environments
Experience integrating Sentinel with Teams, ServiceNow, or custom dashboards
Background in scripting (PowerShell, Python) for automation
What You'll Gain
Ownership of a growing security program
Exposure to cutting-edge Microsoft security tools
Opportunity to shape security operations and automation from the ground up
A collaborative environment that values innovation, compliance, and impact