Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Sporty Group

Senior Operations Engineer

Sporty Group

Senior Purple Operations Engineer tuning security tools for high-quality alerts at Sporty Group. Collaborating with security teams on incident detection and response processes.

Posted 5/22/2026full-timeRemote • 🇪🇺 Anywhere in EuropeSeniorWebsite

Tech Stack

Tools & technologies
CloudPython

About the role

Key responsibilities & impact
  • Tune EDR, SIEM, and XDR detections to reduce false positives and improve alert quality.
  • Build and maintain detection rules, correlation searches, dashboards, watchlists, and response workflows.
  • Translate Red Team, Purple Team, incident, and Threat Intelligence findings into repeatable defensive checks.
  • Validate that EDR policies, prevention rules, logging, sensor health, and response actions work as expected.
  • Review noisy alerts and tune thresholds, exclusions, lookups, entity context, and suppression logic.
  • Support SOC analysts with clear alert descriptions, triage steps, severity logic, and escalation guidance.
  • Improve log coverage, parsing, field normalization, enrichment, and data quality.
  • Map detections to MITRE ATT&CK where useful. ATT&CK is widely used to describe adversary tactics and techniques based on real-world observations.
  • Write portable detection content using formats such as Sigma, which is designed as a generic signature format for SIEM detections.
  • Track detection gaps, false positive trends, alert health, and platform performance

Requirements

What you’ll need
  • Experience tuning EDR, SIEM, XDR, or SOC monitoring platforms.
  • Strong understanding of endpoint, identity, cloud, network, and web attack behaviors.
  • Practical experience writing detection logic in KQL, SPL, EQL, Lucene, Sigma, YARA, or similar.
  • Familiarity with MITRE ATT&CK mapping and detection coverage analysis.
  • Ability to turn Red Team, Purple Team, and incident findings into clear detection logic.
  • Experience reducing false positives through rule tuning, exceptions, automation, and better entity context. Microsoft Sentinel supports this through automation rules and analytics rule changes.
  • Strong scripting ability in Python, PowerShell, Bash, or similar.
  • Good understanding of SOC workflows, incident triage, escalation, and response playbooks.
  • Strong documentation skills.

Benefits

Comp & perks
  • A competitive salary + individual performance based bonuses every quarter
  • 28 days paid annual leave
  • Our core working hours are 10am-3pm in your local time zone with flexibility outside of this
  • Referral bonuses & flash bonuses
  • Top of the line equipment
  • Annual company retreats to provide great internal networking opportunities

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
EDRSIEMXDRKQLSPLEQLLuceneSigmaYARAPython
Soft Skills
documentation skillsalert triageescalation guidanceclear communicationincident response