Senior SOC Analyst | Threat Hunter | Detection Engineer

Location
Romania
Desired Salary
Unspecified
Work preference
Full Time
Joined
19 Mar 2026
Field / Industry
Software Engineering
Status: Actively looking
Relocation: No
Notice Period: Immediate

This user has not passed any tests yet

English - Romanian -

About Me

I am a Tier 2 SOC Analyst with over 8 years of experience in cybersecurity, specializing in incident response, advanced threat hunting, and detection engineering within 24/7 managed SOC environments. I have a proven track record of leading complex incident investigations across endpoint, identity, and cloud environments using Microsoft Defender XDR (MDE, MDI, MDO) and Splunk. I am adept at writing custom KQL hunting queries, conducting malware analysis, and validating detections using Atomic Red Team techniques. I am ranked in the Top 1% on TryHackMe and am actively pursuing the Blue Team Labs Level 2 (BTL2) certification.

Currently, I work as an L2 Security Operations Center Analyst at Arvato Systems Romania, where I lead major incident investigations from initial triage through containment and root cause analysis across enterprise client environments. I perform advanced threat hunting using OSINT-derived IOCs and custom KQL queries across Microsoft Defender XDR environments. I analyze endpoint, identity, and cloud telemetry to identify lateral movement, privilege escalation, and malicious behavior. Additionally, I conduct malware analysis using behavioral and static techniques to determine impact and drive remediation.

I validate and tune detections using Atomic Red Team adversary simulation and support detection engineering efforts across the SOC. I also provide rotational shift leadership, overseeing escalation workflows and mentoring junior analysts. Collaboration with enterprise clients during active incidents is a key part of my role, where I deliver remediation guidance and security recommendations.

Previously, I worked as a Cyber Security Analyst at Veoneer, performing alert triage, investigation, and incident response using SIEM and EDR tools. I conducted vulnerability assessments and management activities, developed automation workflows with Microsoft Logic Apps, and created PowerShell scripts to automate repetitive security tasks. Before that, I was a Vulnerability Management Analyst at Atos IT, managing vulnerability scanning programs with Qualys and Nessus, analyzing scan results, prioritizing findings, and coordinating remediation with IT teams.

I hold certifications including Microsoft SC-200 Security Operations Analyst, CompTIA Security+, Blue Team Labs Level 1, and Ethical Hacking from Bertelsmann Academy. I am fluent in English at a business level and a native Romanian speaker. My technical skills include Microsoft Defender XDR, Splunk, KQL, Microsoft Sentinel, Atomic Red Team, incident response, threat hunting, malware analysis, OSINT, detection engineering, MITRE ATT&CK framework, PowerShell, Qualys, Nessus, Logic Apps, endpoint forensics, SIEM operations, IOC development, root cause analysis, and shift leadership.

Skills

SIEMEDRNessus

Education

Politehnica University of Timișoara
2016 - 2020

Bachelor of Engineering in Automation and Computer Science

Experience

L2 Security Operations Center Analyst @ Arvato Systems Romania
Jun 2024 - Present

Lead major incident investigations from initial triage through containment and root cause analysis across enterprise client environments in a 24/7 SOC. Perform advanced threat hunting using OSINT-derived IOCs and custom KQL queries across Microsoft Defender XDR environments. Analyse endpoint, identity, and cloud telemetry to identify lateral movement, privilege escalation, and malicious behaviour. Conduct malware analysis using behavioural and foundational static techniques to determine impact and drive remediation. Validate and tune detections using Atomic Red Team adversary simulation; support detection engineering efforts across the SOC. Provide rotational shift leadership, overseeing escalation workflows and mentoring junior analysts. Collaborate directly with enterprise clients during active incidents, delivering remediation guidance and security recommendations.

Cyber Security Analyst @ Veoneer
Aug 2020 - Jun 2024

Performed alert triage, investigation, and incident response across corporate environments using SIEM and EDR tooling. Conducted vulnerability assessment and management activities, identifying and prioritising risks across the attack surface. Developed automation workflows using Microsoft Logic Apps to streamline SOC response processes. Created PowerShell scripts to automate repetitive security tasks and improve operational efficiency.

Vulnerability Management Analyst @ Atos IT
2016 - 2020

Managed vulnerability scanning programmes using Qualys and Nessus across enterprise infrastructure. Analysed scan results, prioritised findings by risk severity, and coordinated remediation with IT teams. Produced vulnerability reporting and tracked remediation progress against agreed SLAs.

Jobs Talent Salaries
Menu