SecOps Engineer (Vulnerability Management)
Key Responsibilities
Shift Leadership & Incident Response
- Lead SOC shifts: manage alert queues, assign cases, ensure SLA compliance, and deliver quality handovers.
- Investigate and respond to security incidents using Microsoft Defender for Endpoint and Microsoft Sentinel.
- Execute incident response playbooks and document RCA for continuous improvement.
Vulnerability Management
- Operate vulnerability scanning and remediation cycles; prioritize based on CVSS, EPSS, and asset criticality.
- Collaborate with IT teams to close vulnerabilities within SLA and track exceptions.
Threat Hunting & Detection Engineering
- Conduct proactive hunts using MITRE ATT&CK-based hypotheses.
- Develop and tune detection rules in Microsoft Sentinel and Defender for Endpoint.
Zscaler Administration
- Manage Zscaler ZIA/ZPA policies, troubleshoot access issues, and monitor logs for anomalies.
- Collaborate with network teams to refine zero-trust access controls.
Reporting & Stakeholder Communication
- Prepare and present operational reports (incidents, vulnerabilities, KPIs) to leadership.
- Translate technical findings into actionable insights for executives.
Required Qualifications
- 5-8 years in Security Operations / SOC / Incident Response.
- Hands-on experience with Microsoft Sentinel, Microsoft Defender for Endpoint, and Zscaler.
- Proven Shift Lead experience in a 24/7 SOC environment.
- Strong skills in Threat Hunting, detection tuning, and vulnerability management.
- Excellent communication and presentation skills for executive reporting.
Nice-to-Have
- Familiarity with SOAR automation in Microsoft Sentinel.
- Cloud security experience (Azure/M365).
- Scripting (PowerShell/Python) for automation and reporting.
- Certifications: SC-200, SC-300, Zscaler Certified Professional, Security+, CySA+.
Tools & Technologies
- SIEM: Microsoft Sentinel
- EDR: Microsoft Defender for Endpoint
- Zero Trust: Zscaler ZIA/ZPA
- VM: Qualys/Tenable/Rapid7
- Automation: PowerShell, Python