Why work at Nebius
Nebius is leading a new era in cloud computing to serve the global AI economy. We create the tools and resources our customers need to solve real-world challenges and transform industries, without massive infrastructure costs or the need to build large in-house AI/ML teams. Our employees work at the cutting edge of AI cloud infrastructure alongside some of the most experienced and innovative leaders and engineers in the field.

Where we work
Headquartered in Amsterdam and listed on Nasdaq, Nebius has a global footprint with R&D hubs across Europe, North America, and Israel. The team of over 800 employees includes more than 400 highly skilled engineers with deep expertise across hardware and software engineering, as well as an in-house AI R&D team.

The role

We are looking for a Security Operations Engineer to join out IT infrastructure team. You will be responsible for monitoring, detecting, and responding to security incidents across Microsoft Sentinel, Defender XDR, Entra ID, and Purview. This includes investigating threats, tuning detection, creating automation playbooks, and ensuring compliance with data protection policies. You will collaborate with IT, security, and compliance teams to strengthen the organization’s security posture and enable a proactive defense strategy.

Your responsibilities:

Monitor, investigate, and respond to security incidents across Sentinel and Defender XDR.
Administer, configure, and enhance Microsoft Sentinel (rules, playbooks, automation workflows).
Detect and respond to identity-based threats in Entra ID and enforce conditional access & MFA policies.
Configure, monitor, and investigate alerts from Microsoft Purview (DLP, insider risk, compliance violations).
Perform threat hunting using Sentinel and Defender telemetry.
Tune detections and reduce false positives to increase SOC efficiency.
Create and maintain security automation (Logic Apps, PowerShell runbooks, Sentinel playbooks).
Provide reporting and documentation for incidents, investigations, and compliance requirements.
Collaborate with IT, SecOps, and compliance teams to improve detection coverage and response processes.

Must-haves:

3+ years of hands-on experience with Microsoft Security technologies in enterprise environments.
Deep experience with:
- Microsoft Sentinel (KQL queries, analytic rules, automation playbooks, dashboards).
- Microsoft Defender XDR (Defender for Endpoint, Identity, Office 365, Cloud Apps).
- Microsoft Entra ID (identity protection, conditional access, PIM).
- Microsoft Purview (DLP, sensitivity labels, insider risk, eDiscovery).
Strong understanding of identity and access management, authentication protocols (SAML, OAuth, OpenID Connect, Kerberos).
Knowledge of SIEM/SOAR concepts, incident response workflows, and the MITRE ATT&CK framework.
Development/scripting experience using:
- Kusto Query Language (KQL)
- PowerShell (primary)
- RESTful APIs / Microsoft Graph API
- Python or Bash (nice to have).
Strong troubleshooting and forensic investigation skills across endpoints, identities, and cloud workloads.
Intermediate written and spoken English is required.

We conduct coding interviews as part of the process.

What we offer

Competitive salary and comprehensive benefits package.
Opportunities for professional growth within Nebius.
Flexible working arrangements.
A dynamic and collaborative work environment that values initiative and innovation.

We’re growing and expanding our products every day. If you’re up to the challenge and are excited about AI and ML as much as we are, join us!

About Nebius AI

Key Highlights

🎁 Benefits

🌟 Culture

Security Operations Engineer

Skills & Technologies

Job Description

The role

Interested in this role?