KQL Developer for Microsoft Sentinel in the area of SAP

Anywhere (100% remote)

About Swiss Security Hub AG

We're an independent, fully remote SAP cybersecurity startup working on large, complex projects for international clients. As a global team we seek excellence from around the world.

Our core solution is a globally unique SAP Security & Compliance Platform, which we offer to the global base of over 400’000 SAP clients, including governments and well-known companies from all industries. Security Hub aims to actively support organizations in maintaining compliance and improving their SAP cyber resilience.


Work Area: Cybersecurity
Work Location: 100% remote (meetings in CET timezone)
Expected Travel: 0%
Career Status: Junior
Employment Type: Freelance Contractor or temporary part-time contract
Days per week: 1 to 2 days

Swiss Security Hub is not offering visa sponsorship for this role at this time.


About the Role

Join our innovative cybersecurity team as a KQL Developer, where you will play a critical role in enhancing our security posture by leveraging Microsoft Sentinel. You will be instrumental in developing customer-specific analytics rules to monitor security-relevant SAP log data replicated in Microsoft Log Analytics. 


Key Responsibilities

  • Design, develop, and implement KQL (Kusto Query Language) scripts for Microsoft Sentinel to create advanced analytics rules.
  • Extract and analyze security-relevant data from SAP systems, ensuring accurate replication in Microsoft Log Analytics.
  • Collaborate with cybersecurity analysts to understand specific security requirements and translate them into effective monitoring solutions.
  • Continuously review and optimize existing queries and rules to improve performance and accuracy.
  • Assist in the integration of Microsoft Sentinel with other security tools and systems.
  • Provide technical support and training to team members on KQL and Microsoft Sentinel functionalities.
  • Stay updated with the latest advancements in Microsoft technologies and cybersecurity trends.


Must-Haves

  • Proficiency in KQL with proven experience in developing analytics for Microsoft Sentinel.
  • Strong understanding of SAP systems and their security logs.
  • Experience with data analysis and security monitoring in a cloud environment, preferably Microsoft Azure.
  • Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field.
  • Excellent problem-solving skills and the ability to think analytically.
  • Strong communication and collaboration skills.
  • Ability to work independently and as part of a team.
  • Detail-oriented with a strong emphasis on accuracy and effectiveness.


Nice-to-haves

  • Certifications related to Microsoft Azure, particularly those focusing on Azure Security, Sentinel, or Cloud Architecture
  • Knowledge of programming or scripting languages such as PowerShell, Python, or JavaScript.
  • Familiarity with regulations and standards such as GDPR, ISO 27001, etc.


What we have to offer

  • 100% fully remote company with work-anywhere DNA
  • A young, diverse, and very dynamic team
  • Option to invest in the company later via ESOP
  • Between 2 and 4 workation events per year for strategic planning and team-building (expenses covered)
  • The opportunity to quickly take on responsibility and contribute to the design of state-of-the-art SAP security software
