Operational Cybersecurity Specialist
On-site · Kolding, South Denmark, Denmark or Hørsholm, Capital Region, Denmark
Job Summary
Operational cybersecurity specialist to detect and respond to threats across an enterprise environment. The role includes end-to-end collaboration with our third-party European SOC, proactive threat hunting, incident response support (triage, investigation, containment, recovery, lessons learned), developing and tuning detections and analytics (including KQL) to improve visibility and reduce false positives, contributing to the MDR setup based on Microsoft technologies (Sentinel, Defender), and advancing automation/infra-as-code initiatives. Collaboration across cybersecurity, infrastructure, cloud, and applications teams is essential, with additional responsibilities in logging/telemetry improvement and coordinating with offensive security activities such as penetration tests and red team exercises.
Required Qualifications
- Experience in security operations, SOC, incident response or similar hands-on cybersecurity function
- Good understanding of threat detection, investigation, and threat hunting in enterprise environments
- Experience with SIEM and EDR/XDR technologies
- Practical knowledge of the Microsoft security ecosystem (Microsoft Sentinel and Defender)
- Experience using KQL for log analysis, investigation, or detection development
- Familiarity with attacker techniques/frameworks such as MITRE ATT&CK
- Interest in automation, detections as code, and infrastructure as code
- Strong communication and collaboration skills across technical teams
- Structured, calm approach to handling incidents or working under pressure