At Fujitsu, we've been driven to create a sustainable world through innovation since 1935. Today, we lead in digital transformation globally with our 130,000 employees across 50+ countries. We empower our diverse community to achieve greatness through career development and opportunities. Explore our internal positions and join us in shaping a brighter future. Thank you for being a part of Fujitsu. We look forward to growing together toward a brighter future.

Job Description

• Investigate complex security incidents escalated from L1
• Perform detailed log analysis using KQL in Microsoft Sentinel
• Correlate events across Defender XDR, Azure AD/Entra ID, M365, endpoints, and network sources
• Identify true positives, scope of compromise, and attack patterns
• Support containment actions (account disablement, endpoint isolation, token revocation, etc.)
• Conduct threat hunting activities
• Tune and optimize analytics rules to reduce false positives
• Maintain clear investigation documentation in ticketing systems
• Participate in incident reviews and continuous improvement initiatives

Required Technical Skills

• 5–8 years of SOC experience
• Minimum 5 years hands-on experience inSOC/ Microsoft Sentinel
• Strong knowledge of KQL (Kusto Query Language)
• Experience with log analysis (Windows, Azure, M365, firewall, proxy, EDR)
• Understanding of Microsoft Defender XDR ecosystem
• Knowledge of Azure AD / Entra ID security events
• Familiarity with MITRE ATT&CK framework
• Understanding of phishing, malware, lateral movement, and account compromise scenarios
• Experience with incident response processes

• Strong analytical and investigation skills
• Ability to determine attack scope and impact
• Clear and structured documentation ability
• Ability to work in 24x7 shift model

Certifications (Preferred)

• Microsoft SC-200 (Security Operations Analyst)
• Microsoft AZ-500 (Azure Security Engineer)
• CompTIA Security+
• CEH (Certified Ethical Hacker)
• ECIH ( Incident Handler)