Security Operations Analyst
The Microsoft security operations analyst can be seen as the gatekeeper for the organisation and collaborates with organizational stakeholders to secure information technology systems for the organization. Their goal is to reduce organizational risk by rapidly remediating active attacks in the environment, advising on improvements to threat protection practices, and referring violations of organizational policies to appropriate stakeholders.
Responsibilities include threat management, monitoring, and response by using a variety of security solutions across their environment. The role primarily investigates, responds to, and hunts for threats using Microsoft Sentinel, Microsoft Defender for Cloud, Microsoft 365 Defender, and third-party security products. Since the security operations analyst consumes the operational output of these tools, they are also a critical stakeholder in the configuration and deployment of these technologies.
Candidates for this role should be familiar with attack vectors, cyberthreats, incident management, and Kusto Query Language (KQL). Candidates should also be familiar with Microsoft 365 and Azure services, certification.
In order to prepare for this role you start studying the M-SC900 Security Fundamentals. Then you are prepared to get into the Microsoft Security Operations Analyst (SC-200) course. After this 4-day class you need about another 24 hours of study to prepare for your exam.