AP
Job Description
• Build and optimise SIEM and SOAR use cases in Microsoft Sentinel and Azure Log Analytics
• Connect and ingest logs from various sources including on‑premises systems into Sentinel
• Develop analytic rules, workbooks, playbooks, and notebooks for threat detection and response
• Write Kusto Query Language (KQL) queries for data normalisation and log parsing
• Automate incident response and integrate use cases into DevOps CI/CD workflows
• Develop automation scripts and notebooks using Python or similar scripting languages