Job Description Being in a development stage of the collaboration, we’re enjoying a growing team with diverse skills, from DevOps Engineers and Application Management Engineers to Observability Engineers and Security Engineers. In terms of efficiency, our core is focused on strong communication, both within the team and with our peers from the customer side. We treat our customers as partners, acting as consultants who help them innovate their existing processes, tools, and initiatives. We are ready to support ramp-ups and deliveries, as well as facilitate sustainable learning paths for each member. All in all, we strive to enjoy the work we do, both individually and as a team. We are currently seeking a SOC Architect to serve as a highly specialized domain expert responsible for the strategic design, engineering rigor, and operational excellence of the Security Operations Center (SOC). Unlike generic enterprise security architects, the SOC Architect focuses exclusively on the apparatus of detection, investigation, and response—the "nervous system" of the enterprise's cyber defense. You will act as the bridge between the strategic vision of the Microsoft Cybersecurity Architect (SC-100) and the operational mastery of the Security Operations Analyst (SC-200). Your mandate is to translate abstract security strategies defined by leadership into concrete, operational capabilities, ensuring that the SOC is a resilient, intelligent, and efficient defense mechanism within the Microsoft ecosystem. Responsibilities: Architect the Modern SOC → Lead the end-to-end design of a cloud-native SOC, defining the strategy, Azure technical architecture, and operational model aligned with Zero Trust and business needs. Translate Risk into Detection → Convert abstract security strategies and business risks into actionable detection logic by designing and maintaining advanced analytics rules using KQL in Microsoft Sentinel. Optimize Security at Scale → Design cost-efficient ingestion and retention strategies, including Log Tiering (Analytics, Basic, Archive), balancing visibility, performance, and Azure ingestion costs. Engineer SIEM & XDR Integrations → Architect seamless integrations between Microsoft Sentinel and the Microsoft Defender XDR suite (MDE, MDI, MDA, MDO), enabling bi-directional synchronization and enriched incidents. Automate Response & Operations → Design and implement advanced SOAR playbooks using Azure Logic Apps or Power Automate to automate incident enrichment, response, and containment actions. Enable Operational Excellence → Define SOC workflows, incident response processes, health monitoring, and KPI visualization (MTTD, MTTR, FPR), while mentoring Tier 3 analysts and ensuring sustainable operations. Qualifications Must Have: Microsoft Security Expertise → Deep hands-on experience with Microsoft Sentinel, Log Analytics Workspaces, and the Defender XDR ecosystem. Detection Engineering (KQL) → Advanced proficiency in Kusto Query Language for analytics rules, hunting queries, and performance optimization. SOAR & Automation → Strong experience designing automation using Azure Logic Apps, Power Automate, and SOAR concepts. Security Architecture → Proven experience designing SOC architectures, Log Analytics Workspace topologies, and MSSP models using Azure Lighthouse. Network & System Security → Solid understanding of NIDS/NIPS, Windows/Linux security, and hybrid log ingestion (CEF, AMA, CCF). Professional Experience → 5+ years in Cyber Security, SOC, Incident Response, or Security Engineering, with the ability to bridge technical execution and executive strategy. Nice to Have: Security Certifications → Microsoft SC-100, SC-200, or industry equivalents such as CISSP or CISM. Extended Security Exposure → Experience with Zscaler, OT/ICS environments, legacy SIEM migrations, or knowledge of geopolitical cyber threats and cyber insurance. Additional Information At Accesa you can Enjoy our holistic benefits program that covers the four pillars that we believe come together to support our wellbeing, covering social, physical, emotional wellbeing, as well as work-life fusion. - Physical Wellbeing: Our wellbeing program includes medical benefits, gym support, and personalised fitness options for an active lifestyle, complemented by team events and the Healthy Habits Club. - Work-Life Fusion: In very dynamic industries such as IT, the line between our professional and personal lives can quickly become blurred. Having a one-size-fits-one approach gives us the flexibility to define the work-life dynamic that works for us. - Emotional Wellbeing: We believe that to maintain our overall health, we need to invest in our mental wellbeing just as much as we do in our physical health, social connections or in achieving work-life balance. - Social Wellbeing: As a growing community in a hybrid environment, we want to ensure we remain connected not just by the great work we do every day but through our passions and interests. Company Description Accesa is a leading technology company headquartered in Cluj-Napoca, with offices in Oradea and 20 years of experience in turning business challenges into opportunities and growth. A value-driven organisation, it has established itself as a partner of choice for major brands in Retail, Manufacturing, Finance, and Banking. It covers the complete digital evolution journey of its customers, from ideation and requirements setup to software development and managed services solutions. With more than 1,200 IT professionals, Accesa also has a fast-growing footprint, establishing itself as an employer of choice for IT professionals who are passionate about problem-solving through technology. Coming together in strong tech teams with a customer-centric approach, they enable businesses to grow, delivering value for our clients, partners, industry, and community.