Lead Security Operations Engineer
About Subaru
LOVE.
It's what makes Subaru, Subaru®.
As a leading auto brand in the US, we strive to be More Than a Car Company®.
Subaru believes in being a positive force in the communities in which we live and work, not just with donations but with actions that set an example for others to follow.
That's what we call our Subaru Love Promise®.
Subaru is a globally renowned automobile manufacturer known for its commitment to innovation, safety, and sustainability.
With a rich history dating back to 1953, Subaru has consistently pushed the boundaries of automotive engineering to deliver vehicles that offer not only exceptional performance but also a unique blend of utility and adventure.
Subaru's company culture is built on collaboration, diversity, and a shared passion for our product.
We foster an inclusive environment that encourages employees to bring their unique perspectives and talents to the table.
Our team members are driven by a common goal: to create exceptional vehicles that inspire and delight our customers.
Role Summary
Owns the expansion and maintenance of our threat detection and incident response toolset, working closely with our external Security Operations Center (SOC).
Applies deep knowledge of Microsoft security technologies to enhance our proactive monitoring, automation, and threat mitigation capabilities.
Major Responsibilities
* Deploys, configures, and manages Microsoft Sentinel SIEM (security information and event management) for enterprise-wide security event monitoring.
* Develops custom log ingestion from Microsoft and third-party sources into Sentinel.
* Helps create, fine-tune, and maintain Kusto Query Language (KQL) queries for advanced threat hunting and alert tuning.
* Maintains and optimizes Microsoft Defender configurations, including policies, exclusions, and response actions.
* Integrates threat intelligence feeds as needed into Sentinel for enhanced threat detection.
* Implements and manages Microsoft Defender for Cloud to monitor and secure Azure workloads.
* Supports Windows security hardening using Defender and Group Policy configurations.
* Develops Sentinel automation rules and workflows to reduce false positives and enhance alert accuracy.
* Continuously improves SIEM correlation rules, alerts, and response procedures.
Additional Responsibilities
* Improves Security Operations Center (SOC) efficiency through PowerShell scripting, API integrations, and automation.
* Monitors SOC escalations and security alerts from Microsoft Defender for Endpoint, Defender for Identity, Defender for Office 365, and Defender for Cloud.
Required Skills & Personal Qualifications
* Expertise in Microsoft Sentinel SIEM (security information and event management), including log ingestion, Kusto Query Language (KQL) queries, and automation.
* Hands-on experience with Microsoft Defender for Endpoint, Id...
- Rate: Not Specified
- Location: Camden, US-NJ
- Type: Permanent
- Industry: Finance
- Recruiter: Subaru of America, Inc.
- Contact: Not Specified
- Reference: 1880
- Posted: 2025-03-21 07:09:35