Security Analyst with Azure Sentinel

You’ll know A1 Bulgaria is the right place for you if you are driven by:

• Opportunities to learn and build your career;
• Meaningful work in a stable and fast-paced company;
• Diversity of people, projects, and platforms;
• A supportive, fun, and inspiring place to work.

Would you like to join us?

We are looking for a new team member.

Your daily routine would include:

• Monitoring and triaging alerts and incidents in Azure Sentinel and Microsoft Defender ecosystems;
• Performing structured initial investigations such as event timeline reconstruction, IOC validation (IP reputation, URL check, hash analysis), host and user context enrichment;
• Implementing guidelines and SOPs during incident triage, while suggesting improvements when gaps are identified;
• Document all findings, triage steps, and decisions in the ticketing platform;
• Supporting knowledge transfer through shift handovers and team briefings;
• Participate in training sessions and continuously updating technical skills based on the SOC’s evolving needs;
• Contributing to Sentinel detection rule suggestions or automation guides based on recurring false positives;

We’ll know you can make it if you have:

• Solid understanding of Azure Sentinel operations, including alert triage, incident investigation, and the use of workbooks and hunting queries;
• Hands-on experience with Microsoft Defender for Endpoint, Defender for Identity, and Defender for Office 365;
• Understanding of security event types such as authentication anomalies, endpoint threats, network detection alerts, and email security threats;
• Competent in incident triage and initial investigation steps, including basic correlation of events and IOC enrichment;
• Familiarity with ticketing systems (e.g., ServiceNow) for incident lifecycle management;
• Working knowledge of core security concepts: SIEM, EDR, IOC, MITRE ATT&CK, threat intelligence basics;
• Ability to prioritize and manage multiple alerts/incidents during peak periods;
• Availability for On-call duty per schedule;
• Certifications such as Microsoft SC-200, SC-900, or equivalent training paths is a plus.

Our gratitude for the job done will be eternal, but we’ll also offer you:

• Innovative technologies and platforms to “play” with;
• Modern working environment for your comfort;
• Friendly, ambitious, and motivated teammates to support each other;
• Thousands of online and in-person learning opportunities to grow;
• Challenging assignments and career development opportunities in multinational environment;
• Attractive remuneration package;
• Flexible working schedule and opportunity for home office;
• Numerous additional goodies, including, but not limited to free A1 services, discounts, health insurance and services, sports center, childcare, team and family events, etc.

Sounds good? Apply now!