At AlixPartners, we solve the most complex and critical challenges by moving quickly from analysis to action when it really matters; creating value that has a lasting impact on companies, their people, and the communities they serve. By understanding, respecting, and honoring the needs of our employees, clients, and communities, AlixPartners actively promotes an inclusive environment. We strongly believe in the value that diversity brings to our experiences and are committed to the perpetual enhancements of initiatives, policies, and practices. We hold ourselves accountable by providing the space for authenticity, growth, and equity for everyone. AlixPartners has embraced a hybrid work model to provide flexibility and support our employees' work-life integration. Our hybrid model combines a mix of in-person at an AlixPartners office on Tuesday, Wednesday, & Thursday and remote working options for Monday and Friday. At AlixPartners, we solve the most complex and critical challenges by moving quickly from analysis to action when it really matters; creating value that has a lasting impact on companies, their people, and the communities they serve. By understanding, respecting, and honoring the needs of our employees, clients, and communities, AlixPartners actively promotes an inclusive environment. We strongly believe in the value that diversity brings to our experiences and are committed to the perpetual enhancements of initiatives, policies, and practices. We hold ourselves accountable by providing the space for authenticity, growth, and equity for everyone. AlixPartners has embraced a hybrid work model to provide flexibility and support our employees' work-life integration. Our hybrid model combines a mix of in-person at an AlixPartners office on Tuesday, Wednesday, & Thursday and remote working options for Monday and Friday. What you'll do As a member of the Information Security (IS) team, you will contribute to the overall cyber defense of information assets and will conduct security monitoring, detection engineering, threat hunting, security posture analysis, and perform incident response investigations. The ideal candidate will have technical depth in the Microsoft security stack, which would include practical use of the Kusto Query Language (KQL) to perform day to day work. The AlixPartners Security Operations team heavily uses KQL for detection engineering, threat hunting, performing data analysis to improve security posture, and more. A background in Splunk Search Processing Language (SPL), or similar, may also be considered. Tools a candidate has experience with may include Sentinel, Defender for Cloud Apps, Defender for Identity, Secure Score, and Defender for Cloud. Knowledge in Microsoft Azure is also preferred. Known internally as Security Operations Senior Analyst, this is a full-time position located in Southfield, MI, reporting to the Security Operations Team Lead. Paid relocation is not available. Respond to, investigate, and analyze security events to determine appropriate actions Analyze security system logs, security tools, and available data sources on a regular basis to identify attacks against the enterprise and report on any irregularities, issues related to improper access patterns, trending, and event correlations Conduct and apply detection engineering concepts to analyze, create, and tune detection logic and telemetry to ensure effective coverage and detection of existing and emerging threats Perform security posture analysis to improve overall IT ecosystem utilizing telemetry from security tools (Secure Score, KQL analysis, etc.) Gather information from other IT staff and non-IT staff to obtain information regarding security problems to networks, servers, endpoints, and applications. Perform incident response activities and ensure that proper protection or corrective measures have been taken when an incident has been discovered