Who We Are
NTT DATA Romania is looking for passionate Engineers for designing and improving security solutions and to offer architecture consultancy within various projects and activities.
The Junior Security Engineer will support the operation and enhancement of the organization’s security monitoring capabilities using Microsoft Sentinel. This role focuses on assisting with log ingestion, alert tuning, basic detection development, and investigative tasks under the guidance of senior engineers. The position is intended for individuals beginning their career in security engineering with a strong interest in cloud security, Microsoft security technologies, and SIEM operations.
What You'll Be Doing

• Assist with the daily operation of Microsoft Sentinel, including monitoring data connectors, verifying log ingestion, and supporting health checks.
• Contribute to the creation and refinement of analytic rules, detection logic, dashboards, and workbooks.
• Develop and maintain KQL queries for reporting, basic threat hunting, and alert investigations.
• Support the creation and testing of SOAR playbooks to automate response workflows and routine tasks.
• Participate in incident triage by reviewing alerts, gathering relevant data, and escalating findings as needed.
• Document processes, investigation steps, detection logic, and playbook procedures in a consistent and organized manner.
• Assist in integrating new log sources into Sentinel, ensuring proper configuration and data validation.
• Work with senior engineers, SOC analysts, and IT teams to help ensure timely follow-up on investigations and remediation activities.
• Contribute to the continuous improvement of detections, alert quality, and visibility across cloud and on-premises environments.
  

What You'll Bring Along

• Bachelor's degree in IT/ Finance / Business Administration, Project Management, or related fields
• Minimum 1-3 years of experience in a similar role.
• Foundational understanding of SIEM concepts, security analytics, and incident response workflows.
• Basic familiarity with Microsoft Sentinel or comparable SIEM platforms.
• Introductory experience with KQL or willingness to learn and apply it regularly.
• Experience with Linux, Ansible, Terraform
• General understanding of common security concepts such as logging, identity, endpoint security, and network fundamentals.
• Ability to analyze information methodically and communicate findings clearly.
• Preferred hands-on practice gained through internships, labs, home labs, or academic projects.
• Relevant certifications (e.g., SC-200, AZ-900, AZ-500, or equivalent introductory certifications).
• Exposure to Microsoft Defender XDR solutions or other cloud security services.
• Introductory experience with scripting languages such as PowerShell or Python.
• Hands-on practice gained through internships, labs, home labs, or academic projects.
• Excellent command of both spoken and written English, German would be nice to have
  

Show more
Show less