Baringa - DefOps Engineer
Upload My Resume
Drop here or click to browse · PDF, DOCX, DOC, RTF, TXT
Requirements
• 5+ years of experience in Security Operations, Incident Response, or a closely related defensive security role. • Strong proficiency with Microsoft Sentinel (KQL query development, analytics rules, workbooks) and Microsoft Defender XDR. • Good understanding of attacker techniques, tactics, and procedures (TTPs) and familiarity with the MITRE ATT&CK framework. • Experience leading or contributing to incident response investigations through the full IR lifecycle. • Strong KQL skills with the ability to write queries for detection, investigation, and hunting use cases. • Experience with vulnerability management processes and tools. • GIAC, CREST, or equivalent security certifications - or demonstrable equivalent experience. • Strong communication skills with the ability to brief technical and non-technical stakeholders on incident status, risk, and remediation actions. • What a career at Baringa will give you • Putting People First. • Baringa is a People First company and wellbeing is at the forefront of our culture. We recognise the importance of work-life balance and flexible working and provide our staff amazing benefits. Some of these benefits include: • Generous Annual Leave Policy: We recognise everyone needs a well-deserved break. We provide our employees with 5 weeks of annual leave, fully available at the start of each year. In addition to this, we have introduced our 5-Year Recharge benefit which allows all employees an additional 2 weeks of paid leave after 5 years continuous service. • Flexible Working: We know that the ‘ideal’ work-life balance will vary from person to person and change at different stages of our working lives. To accommodate this, we have implemented a hybrid working policy and introduced more flexibility around taking unpaid leave. • Corporate Responsibility Days: Our world is important to us, so all our employees get 3 every year to help social and environmental causes and increase our impact on the communities that mean the most to us. • Wellbeing Fund: We want to encourage all employees to take charge and prioritise their own wellbeing. We’ve introduced our annual People Fund to support this by offering every individual a fund to support and manage their wellbeing through an activity of their choice. • Profit Share Scheme: All employees participate in the Baringa Group Profit Share Scheme so everyone has a stake in the company’s success. • Diversity and Inclusion
Responsibilities
• Conduct advanced investigations escalated from the MDR SOC and internally identified threats, including root cause analysis, evidence gathering, containment, and remediation across Microsoft Sentinel and Defender XDR. • Support incident response activities through the full lifecycle - detection, analysis, containment, eradication, recovery, and lessons learned - and contribute to the development of IR playbooks and procedures. • Contribute to MSSP oversight and quality assurance - reviewing escalation quality, providing feedback, and participating in joint detection tuning sessions. • Develop and execute threat hunts based on threat intelligence, MITRE ATT&CK gap analysis, and incident learnings, converting findings into detection rules or tuning recommendations. • Author and deploy detection content (KQL analytics rules) in Microsoft Sentinel, supporting the team's efforts to expand MITRE ATT&CK coverage and reduce detection gaps. • Support vulnerability management activities, including assessment of identified vulnerabilities, prioritisation, and coordination with the Technology team on remediation. • Produce operational metrics and MI reporting in support of governance and stakeholder reporting. • Mentor junior analysts, providing technical guidance on investigations, KQL development, and threat analysis techniques.
No credit card. Takes 10 seconds.