SOC Detection Expert

SOC Detection Expert Join to apply for the SOC Detection Expert role at AXA Group Operations. Job Purpose Security Operations Center (SOC) delivers the following capabilities to AXA entities worldwide: Security Incident Detection, Threat Hunting, Security Incident Response, and Threat Intelligence. Main Mission Adversary Emulation Capability Leadership Design and implement automated attack scenarios to validate SOC readiness under realistic threat conditions. Provide expert support to SOC teams, Use Case Factory, and AXA entities by incorporating their needs and feedback into platform capabilities and scenario design. Lead the definition, delivery, and hands‑on development of new platform features, guiding the team’s architectural decisions and prioritising enhancements to ensure the solution matures in accuracy, scalability, and security. Continuously integrate insights gained from adversary emulation into enhanced detection logic. Detection Engineering: Design, implement, and optimise detection use cases, rules, and algorithms within SIEM, EDR, and other detection platforms. Documentation & Knowledge Sharing: Document detection strategies, rules, and processes, and share knowledge with SOC teams to improve overall operational readiness. Metrics & Reporting: Develop and report on key performance indicators (KPIs) related to detection efficiency, effectiveness, and coverage to senior management. Technology Evaluation: Stay abreast of emerging technologies and trends in cybersecurity, leading the evaluation and implementation of new tools and techniques that enhance detection capabilities. Expected Skills & Experience Experience Information Security – > 2 years DevSecOps – > 2 years Technical Skills Advanced Python scripting and development capabilities (familiarity with Django is a plus) Proven track record in adversary emulation and security control validation Solid understanding of detection engineering concepts and MITRE ATT&CK Familiarity with different security attack vectors and means of protection Proficiency in Microsoft Sentinel and Kusto Query Language (KQL) Strong problem‑solving skills with the ability to troubleshoot and resolve complex issues Ability to work independently and as part of a team in a fast‑paced environment Excellent written and verbal communication skills (Fluent in English) Education University degree in information security or equivalent work experience What We Offer We bring together the expertise, cultural diversity and creativity of over 8,000 employees worldwide and we’re committed to equal opportunities in all aspects of employment (gender, LGBT+, disabled persons, or people of different origins) and to promoting Diversity & Inclusion by creating a work environment where all employees are treated with dignity and respect, and where individual differences are valued. About the Entity AXA is becoming a sustainable tech‑led company. At AXA Group Operations we drive the transformation through technology and innovation, operating across 17 countries with highly qualified teams that leverage technology, data, sourcing, security, and investment allocation globally. About AXA As a world‑leading insurance company, we act for human progress by protecting what matters. With 153,000 employees in 54 countries working for 105 million customers, we have created a truly dynamic and vibrant community. Inclusion and diversity link closely with our values, and together we’re nurturing a culture of respect for each other, our customers and the communities around us. Other Information Seniority level: Not Applicable Employment type: Full‑time Job function: Other Industries: IT Services and IT Consulting Location: Paris, Île‑de‑France, France Referral incentive: Referrals increase your chances of interviewing at AXA Group Operations by 2x #J-18808-Ljbffr