SIEM Platform Ownership: Manage and optimize the SIEM stack (Cribl, MS Sentinel), including data integration, performance tuning, and log source onboarding.
Threat Detection & L3 Response: Design advanced detection use cases and lead deep-dive investigations (Level 3) for complex security incidents.
Security Architecture & AppSec: Support application teams with threat modeling, secure design reviews, and the integration of SAST/DAST into SDLC pipelines.
Vendor & Service Steering: Act as the primary technical lead for external SOC/MSSP providers, ensuring SLA compliance and high-quality deliverables.
Governance & Documentation: Author operational runbooks and define security requirements to ensure compliance and audit-ready documentation.
How to convince us
Technical Expertise: Extensive hands-on experience with Microsoft Sentin...