Position: MSSP Automation Engineer
Job Type: Full-Time
WORK FROM NOIDA OFFICE, PLEASE DON'T APPLY IF YOU ARE LOOKING FOR HYBRID OR WORK FROM HOME
Reports To: SOC Team Lead / Head of Managed Services & Support / Head of Cybersecurity Services
Job Overview
We are looking for a developer-minded MSSP Automation Engineer to design, build, and maintain automation workflows across our Security Operations Center (SOC) and Managed Services Support (MSS) environments.
Your work will directly enhance scalability by automating alert enrichment, incident response, IT support tasks, and cross-platform integrations.
The ideal candidate has deep expertise in Microsoft Sentinel, Defender XDR, Microsoft 365, and Azure, with a passion for creating resilient, scalable, and secure automation pipelines.
Key Responsibilities
Automation Development & Integration (SOC + MSS)
Design and implement Logic Apps, Power Automate flows, and custom connectors to automate:
SOC workflows (alert enrichment, containment, escalation)
MSS workflows (user onboarding, device compliance, license management)
Build integrations across:
Microsoft Sentinel, Defender (Endpoint, Identity, Office 365)
Microsoft 365 (Exchange, SharePoint, Teams, Intune)
Azure (VM provisioning, RBAC, networking, Entra ID)
Custom Scripting & API Integration
Develop automation scripts using PowerShell, Python, and Microsoft Graph API.
Integrate with third-party platforms (e.g., JIRA, ServiceNow, Slack, email gateways) via REST APIs and webhooks.
Build and maintain Jupyter Notebooks for automation, threat hunting, and analytics.
Use Case Enablement & Optimization
Collaborate with SOC analysts and IT support teams to identify automation opportunities.
Enable automated containment (e.g., isolate device, disable user, revoke session) and IT actions (e.g., password reset, onboarding).
Support Insider Risk, DLP, and compliance workflows with automation.
Azure Platform Engineering
Automate Azure resource provisioning, policy enforcement, and monitoring.
Implement RBAC, tagging, and governance for multi-tenant environments.
Support Azure automation for MSSP customer onboarding and delivery.
Governance, Security & Documentation
Ensure workflows comply with standards (ISO 27001, SOC2, NIST).
Maintain documentation for all playbooks, scripts, and automation assets.
Implement logging, error handling, and version control.
Collaboration & Enablement
Collaborate with:
SOC analysts and detection engineers (security automation)
IT engineers (Microsoft 365 / Azure automation)
Onboarding and JSM teams (workflow alignment)
Deliver training and knowledge transfer on automation tools.
Required Skills & Qualifications
Education
Btech/BCA/MCA
Certifications
Required: Microsoft Certified: Security Operations Analyst Associate
Preferred: Azure Security Engineer, Azure Administrator (AZ-104), Defender XDR, ITIL Foundation
Technical Expertise
Proficiency in Logic Apps, Power Automate, Microsoft Sentinel playbooks
Strong hands-on with:
Microsoft Defender XDR (MDE, MDI, MDO)
Microsoft 365 (Intune, Exchange, Teams, SharePoint)
Azure (VMs, Networking, Entra ID, RBAC)
Skilled in PowerShell, Python, KQL, Graph API, REST API
Familiar with Jupyter Notebooks, custom connectors, and multi-tenant MSSP setups
Soft Skills
Strong analytical and problem-solving mindset
Excellent communication and documentation skills
Developer-oriented thinking (scalability, reusability, security focus)
Fluent in English
Experience
5+ years in cybersecurity, IT support, or SOC operations
2–3 years in automation engineering or security orchestration
Proven experience building automation in Sentinel, Defender XDR, Microsoft 365, and Azure
Prior MSSP or multi-tenant SOC/MSS experience is highly preferred