
Security Operations Center Architect
accesa.eu
full-time
Location Type: Remote
Location: Romania
About the role
- Architect the Modern SOC → Lead the end-to-end design of a cloud-native SOC, defining the strategy, Azure technical architecture, and operational model aligned with Zero Trust and business needs.
- Translate Risk into Detection → Convert abstract security strategies and business risks into actionable detection logic by designing and maintaining advanced analytics rules using KQL in Microsoft Sentinel.
- Optimize Security at Scale → Design cost-efficient ingestion and retention strategies, including Log Tiering (Analytics, Basic, Archive), balancing visibility, performance, and Azure ingestion costs.
- Engineer SIEM & XDR Integrations → Architect seamless integrations between Microsoft Sentinel and the Microsoft Defender XDR suite (MDE, MDI, MDA, MDO), enabling bi-directional synchronization and enriched incidents.
- Automate Response & Operations → Design and implement advanced SOAR playbooks using Azure Logic Apps or Power Automate to automate incident enrichment, response, and containment actions.
- Enable Operational Excellence → Define SOC workflows, incident response processes, health monitoring, and KPI visualization (MTTD, MTTR, FPR), while mentoring Tier 3 analysts and ensuring sustainable operations.
Requirements
- Deep hands-on experience with Microsoft Sentinel, Log Analytics Workspaces, and the Defender XDR ecosystem.
- Advanced proficiency in Kusto Query Language for analytics rules, hunting queries, and performance optimization.
- Strong experience designing automation using Azure Logic Apps, Power Automate, and SOAR concepts.
- Proven experience designing SOC architectures, Log Analytics Workspace topologies, and MSSP models using Azure Lighthouse.
- Solid understanding of NIDS/NIPS, Windows/Linux security, and hybrid log ingestion (CEF, AMA, CCF).
- 5+ years in Cyber Security, SOC, Incident Response, or Security Engineering, with the ability to bridge technical execution and executive strategy.
- Security certifications such as Microsoft SC-100, SC-200, or industry equivalents such as CISSP or CISM are nice to have.
Benefits
- Our wellbeing program includes medical benefits, gym support, and personalised fitness options for an active lifestyle, complemented by team events and the Healthy Habits Club.
- Having a one-size-fits-one approach gives us the flexibility to define the work-life dynamic that works for us.
- We believe that to maintain our overall health, we need to invest in our mental wellbeing just as much as we do in our physical health, social connections or in achieving work-life balance.
- As a growing community in a hybrid environment, we want to ensure we remain connected not just by the great work we do every day but through our passions and interests.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
Kusto Query Language, Azure Logic Apps, Power Automate, SOAR, Microsoft Sentinel, Log Analytics Workspaces, Defender XDR, Log Tiering, NIDS, NIPS
Soft Skills
mentoring, incident response, operational excellence, communication, strategic thinking
Certifications
Microsoft SC-100, Microsoft SC-200, CISSP, CISM