Security Operations Engineer (She/ He/ They)

Capco is a fully independent, global management and technology consultancy with 25 years of experience delivering business consulting, digital transformation, and technology services to Finance and Energy markets.

• Hands-on experience with SIEM platforms, preferably Microsoft Sentinel
• Proven track record in creating, tuning, and testing detection rules
• Proficiency in Python, PowerShell, Bash, or similar scripting languages for automation
• Strong English communication skills with ability to lead stakeholder workshops
• Understanding of cloud platforms (Azure, AWS), operating systems (Windows, Linux), and database environments (SQL, Oracle)
• Ability to work independently in a dynamic, high-volume onboarding environment

Nice to have:

• Experience in threat modelling and defining threat profiles
• Familiarity with DORA or other regulatory frameworks in financial services

• Detection Engineering: Design, build, and optimize SIEM detection rules, focusing on Microsoft Sentinel
• Testing & Automation: Develop and execute test cases for detection logic; automate validation processes using scripting
• Application Onboarding: Support onboarding of critical applications into the security monitoring ecosystem
• Requirements Gathering: Collaborate with application teams to define logging requirements and detection use cases
• Workshop Facilitation: Lead and moderate workshops with stakeholders to align on threat scenarios and security capabilities
• Technical Documentation: Produce clear and comprehensive documentation covering detection logic, threat models, and validation results
• Collaboration: Work closely with SOC, engineering, and red teams to enhance alert fidelity and incident response effectiveness
• Compliance Delivery: Contribute to threat verification and ensure deliverables meet ALaM program and DORA milestones

We are looking for Poland based candidate. We strongly advise verifying identities before engaging in recruitment communication. All official Capco communication will be conducted via a Capco recruiter.