Dutech’s Job

Knowledge, Skills, and Abilities (KSAs)

Knowledge of:

• Microsoft Sentinel architecture, SOAR, and UEBA capabilities.
• Azure cloud services, Logic Apps, Azure Functions, Event Hubs, Key Vault, and Azure AD.
• Security operations processes (triage, threat detection, incident response, threat modeling).
• MITRE ATT&CK, NIST CSF, Zero Trust Architecture concepts.
• Programming and scripting languages (Python, PowerShell, KQL, C#, JavaScript, or equivalent).
• CI/CD pipelines, DevOps practices, and Git-based version control.
• API integrations and JSON/YAML structures.

Skills in:

• Building Logic App workflows and custom Sentinel automation playbooks.
• Writing complex KQL queries for analytics, hunting, and behavioral detection.
• Developing custom connectors, data maps, and parsers.
• Designing and optimizing UEBA detection models.
• Debugging SOAR workflows and resolving integration issues.
• Communicating technical information clearly to both technical and non-technical audiences.

Abilities to:

• Work independently and take ownership of complex development tasks.
• Translate security requirements into scalable technical solutions.
• Analyze threat behaviors and develop meaningful detections.
• Work collaboratively with cybersecurity, infrastructure, and application teams.
• Manage multiple work assignments and meet deadlines.

1. CANDIDATE SKILLS AND QUALIFICATIONS