Teradata
Lead Security Operations Analyst
Job type: Full-time
Posted: Yesterday
Job description
Our Company
At Teradata, we empower people with better information, creating the most integrated cloud analytics platform for AI. Our unified data and trust in AI enhance customer experiences across every major industry, allowing the world's leading companies to drive performance and innovation.
What You'll Do
We are looking for a seasoned Lead Security Operations Analyst to join our dynamic Security Operations Center (SOC) team.
In this senior role, you will leverage your extensive knowledge of Microsoft security technologies while mastering automation and threat detection. You'll excel at hands-on technical work while guiding junior analysts to enhance our security framework through proactive measures.
Key Responsibilities
- Design and implement advanced detection rules and alerts in Microsoft Sentinel to uncover emerging threats.
- Tune and optimize existing alerts to minimize false positives while preserving effective detection.
- Create and maintain interactive playbooks for automated incident response and orchestration.
- Develop automation solutions that enhance SOC operations and speed up incident responses.
- Act as a senior escalation point for complex security incidents requiring detailed analysis.
- Conduct in-depth threat hunting with Microsoft Sentinel and Defender to proactively identify security issues.
- Utilize Microsoft Defender for Endpoint for advanced threat detection and response.
- Analyze security telemetry and logs, spotting trends and identifying vulnerabilities.
- Provide mentorship and technical guidance to junior SOC analysts.
- Document security procedures and detection logic for compliance and knowledge sharing.
- Stay updated on emerging threats and advancements in the Microsoft security platform.
Who You'll Work With
You will engage with Azure infrastructure teams, implementing best practices to maintain a robust security framework.
What Makes You a Qualified Candidate
- Expertise in Microsoft Sentinel, including KQL, alert analytics, and threat intelligence integration.
- Proficiency in Microsoft Defender for Endpoint, focusing on advanced detection and investigation workflows.
- Strong knowledge of the Azure platform, including Azure AD/Entra ID, Security Center, and identity protection.
- 5+ years in security operations or incident response roles in cybersecurity.
- Experienced in crafting detection rules, playbooks, and automation in SIEM environments.
- Strong understanding of threat actors' tactics, techniques, and procedures (TTPs), aligned with MITRE ATT&CK.
- Familiarity with scripting languages like PowerShell or Python for automation.
- Ability to operate independently and handle high-pressure scenarios effectively.
What You'll Bring
- Exceptional communication skills, capable of translating technical concepts for diverse audiences.
Why We Think You'll Love Teradata
We value a people-first culture, offering flexibility in work models. We focus on well-being, supporting personal and professional growth while fostering an inclusive environment that appreciates diverse perspectives.
Pay Rate: 111,800 - 139,800 - 167,700 Annually
Compensation will depend on location and individual qualifications, with opportunities for incentive plans based on performance. Employees receive comprehensive benefits, including healthcare, retirement savings plans, and paid time-off options. Full details will be discussed during the hiring process.