Senior Security Analyst (Microsoft Stack)

Accesa is a leading technology company headquartered in Cluj-Napoca, Romania, with over 20 years of experience in providing digital transformation services and IT solutions to various industries. Part of the Ratiodata Group, Accesa focuses on building long-term partnerships and a people-first culture.

Accesa & RaRo

Employee count: 1001-5000

CA and RO only

About the Team & Culture

You will be joining a team that operates as consultants and partners to our clients, helping them innovate their existing processes and tools. We are focused on efficiency, strong communication, and sustainable learning paths. You will have an impact on the project’s evolution and the chance to contribute your own ideas to build successful client relationships.

The Role

The Senior Security Analyst operates at the nexus of expertise and leadership within our Security Operations Center (SOC). With a primary focus on Incident Response mastery within the Microsoft ecosystem, you will lead the charge in safeguarding our organization against cyber threats.

This role goes beyond reacting to incidents; it entails proactive defense using Microsoft Sentinel and the Defender XDR suite. You will collaborate with engineering teams to upgrade security tools, identify gaps in the MITRE ATT&CK coverage, and advocate for enhancements that bolster our posture.

Key Responsibilities

Operations (Threat Detection & Incident Response)

  • Incident Response Mastery: Lead the investigation of high-severity incidents using the Microsoft Defender Portal. Analyze "Attack Stories" to determine the root cause (e.g., patient zero), scope of compromise (lateral movement), and immediate containment actions (e.g., isolating endpoints via MDE).
  • Advanced Threat Hunting: Proactively hunt for undetected threats using KQL (Kusto Query Language) across Advanced Hunting tables. Develop hypotheses based on threat intelligence and validate them against data from Defender for Endpoint, Identity, and Cloud Apps.
  • Detection Engineering: Tune and optimize Sentinel Analytics Rules to reduce false positives. Collaborate with the SOC Architect to translate "hunt findings" into permanent detection logic.
  • Tool Optimization: Identify gaps in log visibility (e.g., missing Sysmon or firewall logs) and advocate for new Data Connectors or content integrations.
  • Automation: Leverage Automated Investigation & Response (AIR) capabilities in Defender for Office 365 and Endpoint to handle volume, and identify opportunities for SOAR playbooks (Logic Apps).

Business (Strategy & Risk)

  • Risk Assessment: Conduct assessments using Microsoft Secure Score and Exposure Management to identify critical vulnerabilities that could impact business operations.
  • Impact Analysis: Assess the potential business impact of security incidents (e.g., distinguishing between a test server and a production financial database) to prioritize response efforts effectively.
  • Compliance & Reporting: Provide expert guidance on regulatory compliance (GDPR, ISO 27001) by utilizing Microsoft Purview compliance signals and ensuring retention policies in Log Analytics Workspaces meet legal obligations.
  • Resilience: Contribute to business continuity planning by ensuring that "Break Glass" accounts and recovery procedures are tested and functional within the Azure tenant.

People (Leadership & Mentorship)

  • Mentorship: Act as a technical beacon for Junior/Mid analysts. Guide them through complex investigations in Sentinel, teaching them how to pivot effectively between data tables (e.g., DeviceNetworkEvents to IdentityLogonEvents).
  • Performance & Growth: Conduct regular code reviews of KQL queries written by the team and provide constructive feedback to optimize performance and accuracy.
  • Recruitment & Onboarding: Participate in technical interviews for new team members, ensuring they possess the necessary Microsoft ecosystem knowledge to integrate quickly.

Technical Expertise:

  • 5+ years of experience in SOC or Incident Response.
  • Microsoft Sentinel: Deep proficiency in managing incidents, creating Watchlists, and writing complex KQL (joins, aggregations, visualizations).
  • Microsoft Defender XDR: Hands-on mastery of Defender for Endpoint (MDE), Defender for Identity (MDI), and Defender for Cloud Apps (MDA).
  • Frameworks: Strong application of the MITRE ATT&CK framework to map detection coverage.
  • Scripting: Ability to read/write PowerShell for analysis or automation.

Soft Skills:

  • Consultative Approach: Ability to explain technical risks to non-technical business stakeholders.
  • Communication: Excellent written and verbal communication in English (German is a strong plus).
  • Proactive Mindset: A history of self-driven learning (e.g., setting up a home lab, following security researchers).

Nice to Have:

  • Certifications: Microsoft SC-200 (Security Operations Analyst) is highly desired. SC-100 or AZ-500 are strong additions.
  • Experience with Logic Apps and SOAR workflow design.

At Accesa you can

Enjoy our holistic benefits program, built on the four pillars that we believe come together to support our wellbeing: social, physical, and emotional wellbeing, as well as work-life fusion.

  • Physical Wellbeing: Our wellbeing program includes medical benefits, gym support, and personalised fitness options for an active lifestyle, complemented by team events and the Healthy Habits Club.
  • Work-Life Fusion: In very dynamic industries such as IT, the line between our professional and personal lives can quickly become blurred. Having a one-size-fits-one approach gives us the flexibility to define the work-life dynamic that works for us.
  • Emotional Wellbeing: We believe that to maintain our overall health, we need to invest in our mental wellbeing just as much as we do in our physical health, social connections or in achieving work-life balance.
  • Social Wellbeing: As a growing community in a hybrid environment, we want to ensure we remain connected not just by the great work we do every day but through our passions and interests.

Accesa is a leading technology company headquartered in Cluj-Napoca, with offices in Oradea and 20 years of experience in turning business challenges into opportunities and growth.

A value-driven organisation, it has established itself as a partner of choice for major brands in Retail, Manufacturing, Finance, and Banking. It covers the complete digital evolution journey of its customers, from ideation and requirements setup to software development and managed services solutions.

With more than 1,200 IT professionals, Accesa also has a fast-growing footprint, establishing itself as an employer of choice for IT professionals who are passionate about problem-solving through technology. Coming together in strong tech teams with a customer-centric approach, they enable businesses to grow, delivering value for our clients, partners, industry, and community.

About the job

  • Job type: Full Time
  • Experience level: Senior
  • Hiring timezones: Canada +/- 0 hours, and 1 other timezone

About Accesa & RaRo

At Accesa, we are driven by a culture centered on people, solutions, and their impact. For over two decades, we have been turning business challenges into opportunities and growth, establishing ourselves as a trusted partner for major brands in Retail, Manufacturing, Finance, and Banking. Our mission is to build long-term partnerships with our clients and our people, fostering sustainable growth and delivering immediate value. We believe in a world where businesses leverage technology to create a meaningful impact on how we live, work, and conduct business. This vision guides us as we partner with clients to envision and engineer solutions that seamlessly integrate into their operations and enhance people's lives.

Our core values are an integral part of our identity. We value the people who work for us, collaborate with us, and use the platforms and systems we engineer. Courage is key – the courage to ask, understand, explore, and develop solutions that have a real impact. We prioritize insight, knowing the right things to focus on and committing to actions that ensure we capitalize on them. Growth is another cornerstone, achieved through the consistent development of ourselves, our connections, and the trust we nurture in all our collaborations. We are committed to creating positive change within the IT community by supporting organizations with a clear mission to achieve long-term impact in education and sustainability. Our organizational structure promotes a high level of autonomy for our employees, facilitating quick decision-making and the implementation of appropriate solutions for our partners. Throughout our 20 years, we have consistently emphasized the wellbeing of our employees, supporting initiatives that promote a healthy balance between professional and personal life. This people-first, customer-centric approach enables our teams to thrive, our clients' businesses to evolve, and end-users to succeed.
