Title: Automation/DevSecOps SME
Location: Renton & Redmond, WA
Must Haves: Strong integration and automation capabilities related to Microsoft cloud-based tools (Sentinel, ATP, etc.).
Remote Option: No
About PUNCH:

We’re problem solvers first & foremost. PUNCH’s origin story involves frustration with available INFOSEC tools and techniques: we came up through the industry using these inefficient tools and techniques and decided there had to be a better way. We bring this laser focus on efficiency everywhere we go.

We have trust as a hallmark in everything we do. PUNCH provides its team members with the maximum amount of ownership over their careers, the direction of the company, and the flexibility & freedom to accomplish their job without interference. Trust requires accountability; we live that, company-wide.

We back each other up. PUNCH is a supportive place to work. We’ve worked hard to create an environment that makes people better, encourages teamwork, and rewards a “pitch in” mentality.

We give back. To those in need. To the community. To the industry.

Does this sound like you?

In this Role You Will: Advise & support the improvement and evolution of a major Security Operations Center (SOC) in the greater Seattle, Washington area. Relevant experience includes:

  • Experience integrating and automating security tools, particularly within Microsoft O365 and Azure.
  • Significant experience managing cases with enterprise SIEM systems like Sentinel.
  • Experience developing and maintaining the following technologies:
    • CrowdStrike Endpoint security products
    • IDS/IPS
    • Perimeter Email and Network security products
  • Expertise with one or more of the following tools:
    • Sentinel
    • CrowdStrike Falcon
    • Demisto
    • Anomali
  • Experience writing the following:
    • KQL Queries
    • HTML and/or JavaScript
    • PowerShell and/or Python
  • Deep understanding of Windows and/or Linux.
  • Proficient at documenting processes and procedures.
  • Capability & willingness to mentor and teach junior and mid-level analysts.
  • Able to communicate with all levels of the organization and with people of all technical backgrounds.

Key Requirements: 5+ years DevSecOps experience. Strong familiarity with Microsoft O365 services, Sentinel, Azure, and demonstrated understanding of automation practices within these tools. Proven management/mentoring experience.


PUNCH Cyber Analytics Group

Phone: 703-594-7266