Strength. Care. Growth
A1 Competence Delivery Center is a vital component of A1’s telecommunications business. Acting as an expertise hub, CDC is dedicated to delivering a full range of high-quality IT, network, financial and other services to support A1’s operations across all OpCos, independent of location.
Using the power of being OneGroup and leveraging synergies, CDC enables transparency of resources, key skills and knowledge expansion and personal career growth opportunities’ enhancement, paired with job stability.
You will know we are the right place for you, if you are driven by:
- Opportunities to learn and build your career.
- Meaningful work in a stable and fast-paced company.
- Diversity of people, projects, and platforms.
- A supportive, fun, and inspiring place to work.
Role Overview:
You will monitor and triage security alerts in Azure Sentinel and Microsoft Defender, perform initial investigations, and enrich event context following established SOPs. You’ll document findings, support knowledge sharing, and continuously develop your skills. You will also help improve SOC efficiency by suggesting enhancements to detection rules and automation.
Role insights:
- Monitoring and triaging alerts and incidents in Azure Sentinel and Microsoft Defender ecosystems;
- Performing structured initial investigations such as event timeline reconstruction, IOC validation (IP reputation, URL check, hash analysis), host and user context enrichment;
- Implementing guidelines and SOPs during incident triage, while suggesting improvements when gaps are identified;
- Document all findings, triage steps, and decisions in the ticketing platform;
- Supporting knowledge transfer through shift handovers and team briefings;
- Participate in training sessions and continuously updating technical skills based on the SOC’s evolving needs;
- Contributing to Sentinel detection rule suggestions or automation guides based on recurring false positives;
What makes you unique:
- Solid understanding of Azure Sentinel operations, including alert triage, incident investigation, and the use of workbooks and hunting queries;
- Hands-on experience with Microsoft Defender for Endpoint, Defender for Identity, and Defender for Office 365;
- Understanding of security event types such as authentication anomalies, endpoint threats, network detection alerts, and email security threats;
- Competent in incident triage and initial investigation steps, including basic correlation of events and IOC enrichment;
- Familiarity with ticketing systems (e.g., ServiceNow) for incident lifecycle management;
- Working knowledge of core security concepts: SIEM, EDR, IOC, MITRE ATT&CK, threat intelligence basics;
- Ability to prioritize and manage multiple alerts/incidents during peak periods;
- Availability for On-call duty per schedule;
- Certifications such as Microsoft SC-200, SC-900, or equivalent training paths is a plus.
Our gratitude for the job done will be eternal, but we’ll also offer you:
- Innovative technologies and platforms to “play” with;
- Modern working environment for your comfort;
- Friendly, ambitious, and motivated teammates to support each other;
- Thousands of online and in-person learning opportunities to grow;
- Challenging assignments and career development opportunities in multinational environment;
- Attractive remuneration package;
- Flexible working schedule and opportunity for home office;
- Numerous additional goodies, including, but not limited to free A1 services, discounts, health insurance and services, sports center, childcare, team and family events, etc.
If you have any questions, please do not hesitate to contact Yana Mladenova
Sounds good? Apply now!