Keep skills up to date with IT industry standards as appropriate to the role/contract.
What you'll need
Prior experience as a network or system administrator is a serious plus
3+ years experience in a SOC analyst role
Azure Sentinel, Microsoft KQL, Microsoft E5 security stack: Defender for Endpoint, Defender for Identity, Defender for O365, Defender for Cloud Apps, Defender for Cloud
Malware incident analysis - ability to interpret sandbox results, perform basic static and maldoc analysis.
Phishing campaigns - ability to interpret email headers
Good knowledge of TTPs used by various threat actors (MITRE ATT&CK) and how to detect them.
Ability to create detection hypotheses and the queries to confirm them.
Ability to spot repeat alerts and to suggest rule tunings.
Ability to follow existing playbooks but also to suggest improvements to them.
Good understanding of the IT infrastructure landscape and its various components, especially Active Directory and Kerberos.
Good knowledge of Windows security logs. Good understanding of network technologies.
Good understanding of Azure and O365 cloud and the security technologies around them.
Prior experience with SIEM and EDR tools is mandatory, NDR is a plus.
Ability to write detection queries in any language (SPL, EKQL, MS-KQL, ArcSight)