ALTEN Romania is part of the ALTEN Group, Leader in IT and Engineering Consulting. We develop innovative and durable technical solutions that fulfill the needs of our local and international partners.

About the Role

Senior L3 specialist focused on proactive threat hunting, digital forensics, and Azure cloud

investigations within the SOC. Provides temporary backup to SOC analysts when needed, including occasional night

work.

A typical day might include the following:

• Conduct hypothesis-driven threat hunts across Azure environments using Microsoft Sentinel and Microsoft Defender.
• Perform advanced digital forensics, malware analysis, and incident timeline reconstruction.
• Document threat hunting playbooks and reflex sheets; mentor SOC analysts to increase maturity on this scope.
• Provide temporary backup to L2 analysts on demand, including nights/on-call if required.
• Collaborate with the build/use case factory teams on new detection use cases, scope increase and purple-team style exercises.

To ensure success in this role, you need the following experience and skills:

• 5+ years in SOC, incident response, threat hunting, or digital forensics, with hands-on Azure experience.
• Deep expertise in Microsoft Sentinel (KQL) and Microsoft Defender; strong Azure security knowledge (identities, networking, workloads).
• Advanced threat hunting techniques (including MITRE ATT&CK) and data forensics (memory, disk, and log analysis).
• EDR- Splunk.

Nice to have:

• GitLab, JFrog Artifactory, Kubernetes/AKS, YARA/Sigma rules.
• Certifications: SC-200 (Microsoft Security Operations Analyst), AZ-500 (Azure Security Engineer), AZ-104 (Azure Administrator); GCIH and/or GCFA are strong pluses.

Only eligible candidates will be contacted in a maximum of 2 weeks. Any information you provide is confidential.