
201 - 500 employees
🤖 Artificial Intelligence
🔒 Cybersecurity
Artificial Intelligence • Cybersecurity • Cloud
ProArch is a technology company that specializes in providing digital engineering, cloud services, data and AI solutions, and cybersecurity measures. They help businesses unleash their full potential by modernizing operations, protecting assets, and delivering data-driven insights. ProArch works closely with clients to eliminate roadblocks to growth and aligns advanced technology solutions with business goals to empower organizational success. As an award-winning Microsoft Gold Partner, they offer a wide range of services including AI consulting, software development, quality assurance, infrastructure management, governance, risk, and compliance solutions, and operational technology services. Their expertise extends to industries such as credit unions, power generation, and manufacturing, providing tailored solutions to meet each sector's unique challenges.
🕒 June 3
Improve your chances of getting an interview by checking your resume score before you apply.

201 - 500 employees
🤖 Artificial Intelligence
🔒 Cybersecurity
Artificial Intelligence • Cybersecurity • Cloud
ProArch is a technology company that specializes in providing digital engineering, cloud services, data and AI solutions, and cybersecurity measures. They help businesses unleash their full potential by modernizing operations, protecting assets, and delivering data-driven insights. ProArch works closely with clients to eliminate roadblocks to growth and aligns advanced technology solutions with business goals to empower organizational success. As an award-winning Microsoft Gold Partner, they offer a wide range of services including AI consulting, software development, quality assurance, infrastructure management, governance, risk, and compliance solutions, and operational technology services. Their expertise extends to industries such as credit unions, power generation, and manufacturing, providing tailored solutions to meet each sector's unique challenges.
• Lead and support advanced security incident investigations across multiple customer environments • Perform: Threat triage and validation • IOC analysis and threat correlation • Endpoint and identity investigations • Email security investigations • Cloud security incident analysis • Root cause analysis • Investigate and respond to: Account compromise incidents • Business Email Compromise (BEC) • Malware and ransomware activity • Privilege escalation • Lateral movement activity • Suspicious cloud and identity-based attacks • Advanced phishing and social engineering campaigns • Coordinate containment, remediation, and recovery activities with customer and internal teams • Support high-severity incident escalation handling and response coordination • Provide detailed investigation findings, timelines, impact assessments, and response recommendations • Conduct proactive threat hunting and threat validation activities where required • Support digital forensics and evidence collection activities when applicable • Design, develop, and maintain advanced detection rules across: Microsoft Sentinel • Microsoft Defender XDR • Develop and optimize: KQL queries • Analytics rules • Correlation logic • Detection use cases • Perform: Detection tuning • False positive reduction • Behavioral baselining • Threat-based detection improvements • Build and maintain reusable detection content and query libraries • Support proactive detection engineering initiatives aligned with emerging threats and attacker techniques • Leverage threat intelligence and MITRE ATT&CK mapping to improve detection coverage • Design and implement SOC automation workflows using: Microsoft Sentinel Playbooks • Logic Apps • SOAR platforms • API-driven integrations • Build workflows for: Alert enrichment • Incident routing • Automated containment actions • Threat intelligence enrichment • Ticket synchronization • Investigation acceleration • Develop scalable automation frameworks to improve SOC operational efficiency • Support continuous optimization of SOC workflows and automation coverage • Create automation standards and reusable workflow templates across customer environments • Provide hands-on operational support, investigation, tuning, administration, and engineering for: Microsoft Defender for Endpoint (MDE) • Microsoft Defender XDR • Microsoft Defender for Identity (MDI) • Microsoft Defender for Office 365 (MDO) • Microsoft Defender for Cloud Apps (MDCA) • Microsoft Purview • Microsoft Identity Protection / Entra ID • Microsoft Sentinel • Support detection and response activities related to: AI-orchestrated attacks • Identity-based attacks • Cloud-native threats • Advanced phishing and social engineering campaigns • Leverage AI-assisted SOC operations and automation capabilities where applicable • Support modern detection strategies aligned with evolving attacker techniques • Evaluate opportunities to integrate AI-driven efficiencies into detection, investigation, and response workflows • Participate in customer incident discussions and escalation calls when required • Support onboarding of new customer environments and security integrations • Maintain: Investigation playbooks • SOPs • Workflow documentation • Operational runbooks • Detection documentation • Collaborate closely with: SOC Operations • Security Engineering • Vendors • Consulting teams • Customer stakeholders • Support operational improvement initiatives across SOC and DFIR functions
• Bachelor’s Degree / Graduation in: Computer Science/Information Technology/Cybersecurity or related technical field is mandatory • 6-9 years of overall cybersecurity experience • Strong hands-on experience in: Incident Response • Threat Investigation • SOC Operations • Detection Engineering • DFIR activities • Prior Incident Response Analyst experience is highly preferred • Experience working within MSSP environments preferred • Experience supporting or collaborating with US-based teams/vendors preferred • Proven hands-on experience with SOAR platforms in enterprise or MSSP environments • Strong experience designing and implementing SOC automation workflows from scratch • Experience supporting enterprise Security Operations Center (SOC) environments • Experience with detection engineering and SIEM rule development • Strong hands-on experience with: Microsoft Defender for Endpoint (MDE) • Microsoft Defender XDR • Microsoft Defender for Identity (MDI) • Microsoft Defender for Office 365 (MDO) • Microsoft Defender for Cloud Apps (MDCA) • Microsoft Purview • Microsoft Identity Protection / Entra ID • CrowdStrike Falcon • Threat Intelligence platforms • Microsoft Sentinel (Mandatory) • Defender XDR SIEM operations (Mandatory) • Graph API • Datto Autotask or equivalent ticketing systems • Email security solutions • Endpoint Detection & Response (EDR) platforms • Identity and authentication platforms • Cloud security technologies • Detection Engineering & Automation • Strong experience creating: Detection rules • Analytics rules • KQL queries • Detection tuning and fine-tuning • Experience with: SOC workflow design • SOC automation • SOAR engineering • API integrations • Workflow orchestration • Understanding of: MITRE ATT&CK • Threat detection methodologies • Threat hunting methodologies • AI-driven attack techniques • AI use cases in SOC operations • Preferred experience with: PowerShell • Python • REST APIs • Logic Apps • KQL (Mandatory) • Preferred Certifications: Microsoft SC-200 • Microsoft SC-401 • Microsoft AZ-500 • Microsoft SC-900 • Microsoft SC-100 • CISSP • Security Automation / SOAR Automation / SOAR Certifications • Strong verbal and written communication skills with the ability to work effectively across technical and non-technical teams • Excellent collaboration and stakeholder coordination skills across SOC Operations, Engineering, Consulting, Vendors, and Leadership teams • Strong documentation and technical writing capabilities for investigations, workflows, SOPs, and operational procedures • Ability to work independently in a remote-first, multicultural, and fast-paced MSSP environment • Self-driven, proactive, and highly organized with strong ownership and accountability • Strong analytical, troubleshooting, and problem-solving skills • Comfortable managing multiple projects, priorities, and operational initiatives simultaneously • Team-oriented mindset with the ability to operate effectively as an individual contributor • Professional communication and coordination skills for working with US-based teams and vendors • Adaptable and flexible to evolving operational and business requirements
Apply Now