Security Analyst - Microsoft Sentinel

Doha, Qatar
The incumbent is required to relocate to Doha, Qatar.

Role Summary

We are seeking a proactive and skilled Security Analyst (L1/L2) with experience in Microsoft Sentinel to join our cybersecurity team. The ideal candidate will be responsible for monitoring, analyzing, and responding to security incidents and threats using Microsoft Sentinel. This role requires a strong understanding of security operations, threat detection, and incident response.

Responsibilities:
  • Monitor security alerts and events using Microsoft Sentinel.
  • Analyze security incidents and alerts to identify potential threats and vulnerabilities.
  • Perform initial triage and investigation of security incidents.
  • Respond to security incidents, including containment, eradication, and recovery.
  • Escalate complex incidents to L3 analysts or other relevant teams as needed.
  • Document and report security incidents and actions taken.
  • Develop and maintain detection rules and use cases in Microsoft Sentinel.
  • Conduct threat hunting activities to identify potential threats and vulnerabilities.
  • Utilize threat intelligence to enhance detection capabilities.
  • Assist in the implementation and maintenance of security tools and technologies.
  • Support vulnerability management and patching efforts.
  • Participate in security audits and assessments.
  • Work closely with IT and other teams to resolve security incidents and improve security posture.
  • Communicate findings and recommendations to stakeholders.
  • Provide input on security policies, procedures, and best practices.

Technical Skills:
  • Proven experience as a Security Analyst or in a similar role.
  • Hands-on experience with Microsoft Sentinel for security monitoring and incident response.
  • Strong understanding of SIEM (Security Information and Event Management) principles and practices.
  • Familiarity with security frameworks such as MITRE ATT&CK, NIST, and CIS.
  • Knowledge of network protocols, system logs, and common attack vectors.
  • Proficiency in using security tools such as EDR (Endpoint Detection and Response), IDS/IPS (Intrusion Detection System/Intrusion Prevention System), and firewalls.
  • Experience with scripting languages (e.g., Python, PowerShell) for automation and analysis.
  • Knowledge of cloud security, particularly within Microsoft Azure.

Preferred Qualifications:
  • Relevant certifications such as CompTIA Security+, CEH (Certified Ethical Hacker), GIAC (Global Information Assurance Certification), or Microsoft Certified: Security, Compliance, and Identity Fundamentals.
  • Experience with other SIEM platforms.
  • Knowledge of incident response frameworks and methodologies.
  • Experience in a SOC (Security Operations Center) environment.
  • Understanding of regulatory requirements and compliance standards (e.g., GDPR, HIPAA, PCI-DSS).
