Senior Cyber Defender (SOC) - Remote Kosovo

As a leading provider of AI-powered extended managed detection and response (MXDR) services, Ontinue is on a mission to be the most trusted, 24/7, always-on security partner that empowers customers to embrace the future by using AI to operate more strategically, at scale, and with less risk. We believe that the combination of AI and human expertise is essential for delivering effective managed security that is tailored to a customer’s unique environment, operational constraints, and risks.

Our MXDR service combines powerful proprietary AI with a one-of-a-kind collaboration model to continuously build a deep understanding of our customers’ environments, informing how we prevent, detect, and respond to threats. Our unrivaled Microsoft expertise allows customers to achieve these outcomes with the Microsoft Security tools they already own. The result is highly localized managed protection that empowers security teams to be faster, smarter, and more cost efficient than ever before. 

Continuous protection. AI-powered Nonstop SecOps. That’s Ontinue. 

The primary responsibility of a Cyber Defender is to meticulously monitor the client's 
environment, swiftly detect any security incidents or suspicious activities, and promptly 
respond to mitigate potential threats as well as lend leadership to the more junior 
members of the team. 

Cyber Defender conduct thorough investigations into security alerts, employing advanced 
forensic analysis techniques to identify the root causes of incidents and determine 
appropriate remediation actions. Their proactive approach helps prevent and mitigate 
cyber threats, ensuring the resilience and security of clients' infrastructures against 
adversaries.

Key Responsibilities:

Comprehensive Security Monitoring:
Utilize Azure Sentinel and other MXDR tools to conduct comprehensive security
monitoring within Microsoft environments, including Azure, Microsoft 365, and onpremises infrastructure.

Advanced Threat Detection:

Leverage your expertise in Azure Sentinel to develop and fine-tune correlation rules,
custom queries, and playbooks for advanced threat detection and response, ensuring
timely identification and mitigation of security incidents.

Incident Response Leadership:
Lead incident response efforts within the SOC, coordinating with internal and external
stakeholders to contain, mitigate, and remediate security incidents effectively,
minimizing impact and restoring normal operations swiftly.

Leadership Within the Team:
Champion a collaborative and proactive approach within the SOC team, guiding junior
analysts in effectively utilizing Azure Sentinel and other tools for comprehensive
security monitoring across Microsoft environments. Foster a culture of continuous
learning and knowledge sharing, providing mentorship and guidance to team
members to enhance their skills in threat detection and incident response.

Threat Hunting Excellence:

Proactively hunt for security threats and vulnerabilities within Microsoft
environments, leveraging threat intelligence, data analytics, and advanced techniques
to identify and mitigate potential risks before they escalate into security incidents.

Compliance and Reporting:
Ensure compliance with regulatory requirements and industry standards by
maintaining detailed documentation of security incidents, investigation findings, and
remediation actions taken, providing accurate and timely reports to clients and
internal stakeholders.

Certifications:
Possess relevant cybersecurity certifications such as Certified Information Systems
Security Professional (CISSP), Certified Ethical Hacker (CEH), Microsoft Certified: Azure
Security Engineer Associate, or CompTIA Security+, demonstrating expertise in
cybersecurity principles and best practices.

Microsoft Security Stack Proficiency:
Extensive experience working with the Microsoft security stack, including Azure
Sentinel, Microsoft Defender for Endpoint, Azure Security Center, and Microsoft 365
Defender, with a deep understanding of their capabilities, configuration, and
integration for effective threat detection and response.

Technical Skills:
Proficiency in log analysis, scripting (e.g., PowerShell), and familiarity with network
protocols and operating systems, enabling you to effectively analyze security events,
develop custom detections, and automate response actions within Microsoft
environments.

Communication Abilities:
Excellent communication skills, both verbal and written, with the ability to articulate
complex technical concepts to non-technical stakeholders, facilitate collaboration
within the SOC team, and provide clear and concise incident reports and
recommendations.

Leadership Experience:
Demonstrated leadership experience in incident response, including incident
coordination, stakeholder communication, and crisis management, with the ability to
remain calm and focused under pressure while guiding the team towards successful
resolution.

What We Offer

We have been recognized as a top place to work! In addition to a competitive salary, we also offer great benefits and access to management and Microsoft training.

Come as you are!  We search for amazing people of diverse backgrounds, experiences, abilities, and perspectives. Ontinue welcomes and encourages diversity in the workplace regardless of race, gender, religion, age, sexual orientation, disability, or veteran status.

Next Steps

If you have the skills and experience required and feel that Ontinue is a place you can belong, we would love to get to know you better! Please drop an application to this role and our talent acquisition manager will be in touch to discuss further.

Learn more: www.ontinue.com