Security Operations Center (SOC) Analyst (m/f/x)

Deine Aufgaben

• You monitor security alerts, incidents, and logs in SIEM.
• You identify threats and suspicious activity in Entra ID (Azure AD) logs.
• You investigate alerts in Defender XDR across endpoints, identities, email, and cloud.
• You triage alerts and escalate incidents when needed.
• You document incidents, investigation steps, and lessons learned.
• You perform proactive threat hunting using multiple log sources.
• You correlate alerts across identity, endpoint, and network layers.
• You tune alert rules to reduce false positives.
• You collaborate with IT, DevOps, and application teams to resolve incidents.
• You recommend improvements to detection rules, playbooks, and response workflows.
• You contribute to SOC documentation, runbooks, and SOPs.

Dein Profil

• You have 2–4 years as SOC Analyst, Security Analyst, or similar role.
• You have strong knowledge of SIEM operations (Microsoft Sentinel preferred).
• You have hands-on experience with Microsoft Defender XDR tools (Endpoint, Identity, Email, Cloud Apps).
• You have experience analyzing Entra ID (Azure AD) logs for authentication and identity attacks.
• You are familiar with malware, phishing, and cloud-based threats.
• You hold Microsoft certifications (e.g., SC-200) or other relevant security certifications.
• You speak English fluently and work effectively in an international team.

Warum Wir?

• Flexible working hours: Manage your workday autonomously. 
• neoshare-Health: We offer our employees an additional health insurance with dental coverage and a Multisport card. 
• Remote-Work: While our beautiful Sofia office is always open, we make it possible to work remotely
• Equipment: Our colleagues can choose their hardware (between MacBook Pro and Lenovo). 
• Vacation: We offer 26 days paid leave. 
• Bonus: We offer a 13th salary in December.