At Fujitsu, our purpose is to make the world more sustainable by building trust in society through innovation. Founded in Japan in 1935, Fujitsu has been a pioneer in technology and innovation for decades. Today, as a world-leading digital transformation partner, we are committed to transforming business and society in the digital age.

With approximately 130,000 employees across over 50 countries, Fujitsu offers a broad range of products, services, and solutions. We collaborate with our customers to co-create solutions that drive enterprise-wide digitalization while actively working to address social issues and contribute to the United Nations Sustainable Development Goals (SDGs).

Job Description

• Investigate complex security incidents escalated from L1
• Perform detailed log analysis using KQL in Microsoft Sentinel
• Correlate events across Defender XDR, Azure AD/Entra ID, M365, endpoints, and network sources
• Identify true positives, scope of compromise, and attack patterns
• Support containment actions (account disablement, endpoint isolation, token revocation, etc.)
• Conduct threat hunting activities
• Tune and optimize analytics rules to reduce false positives
• Maintain clear investigation documentation in ticketing systems
• Participate in incident reviews and continuous improvement initiatives

Required Technical Skills

• 5–8 years of SOC experience
• Minimum 5 years hands-on experience inSOC/ Microsoft Sentinel
• Strong knowledge of KQL (Kusto Query Language)
• Experience with log analysis (Windows, Azure, M365, firewall, proxy, EDR)
• Understanding of Microsoft Defender XDR ecosystem
• Knowledge of Azure AD / Entra ID security events
• Familiarity with MITRE ATT&CK framework
• Understanding of phishing, malware, lateral movement, and account compromise scenarios
• Experience with incident response processes

• Strong analytical and investigation skills
• Ability to determine attack scope and impact
• Clear and structured documentation ability
• Ability to work in 24x7 shift model

Certifications (Preferred)

• Microsoft SC-200 (Security Operations Analyst)
• Microsoft AZ-500 (Azure Security Engineer)
• CompTIA Security+
• CEH (Certified Ethical Hacker)
• ECIH ( Incident Handler)