Jose Canós

SOC Analyst & Threat Detection Engineer

Spain
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

👤
Senior
🎓
Top School
Jose Canós is a SOC Analyst and Threat Detection Engineer with 9 years of experience focused on building efficient detections and automations for Microsoft Sentinel using Kusto Query Language. He has taken Sentinel deployments from non-functional to production at scale, contributed 100+ pull requests to Microsoft repositories, and sits among the top community contributors for Sentinel detections and threat hunting. At Sanitas he reduced ingestion costs by 30% through data curation, led biannual Red Team testing now as White Team supervisor, and reported multiple Microsoft service degradations later confirmed and fixed by the vendor. Comfortable with SIEM internals and data integration, he has also authored PowerShell-based connectors and parsing logic for Azure Sentinel integrations like Qualys and Carbon Black. With a Computer Science degree and a master’s in AI/Machine Learning, he pairs a logical, curious mindset with practical automation skills and a habit of questioning assumptions to find the most effective solutions.
code9 years of coding experience
bookUniversitat Politècnica de València
languagesEnglish, Catalan, Spanish
github-logo-circle

Github Skills (9)

apim10
powershell10
api10
data-parsing10
azure-log-analytics9
it-security8
security8
cybersecurity7
generated-code6

Programming languages (9)

PowerShellC#CSSJavaScriptHTMLJupyter NotebookRubyMarkdown

Github contributions (5)

github-logo-circle
Azure/Azure-Sentinel

Sep 2021 - Jan 2023

Cloud-native SIEM for intelligent security analytics for your entire enterprise.
Role in this project:
userBack-end Developer
Contributions:14 reviews, 217 commits, 83 PRs in 1 year 4 months
Contributions summary:Jose appears to be a back-end developer primarily focused on developing and maintaining data connectors within the Azure Sentinel environment. Their commits involve significant modifications to PowerShell scripts, specifically for integrating with the Qualys VM and VMware Carbon Black Cloud APIs, suggesting expertise in data ingestion and transformation. These changes include adapting to API changes, handling data parsing, and integrating with Azure Log Analytics, indicating a focus on security data integration and automation. The user's contributions are critical for expanding the platform's capabilities to ingest security data.
intelligentsecurity-analyticsanalyticssecuritykql
ep3p/Azure-Sentinel

Sep 2021 - Feb 2024

Cloud-native SIEM for intelligent security analytics for your entire enterprise.
Contributions:4 PRs, 358 pushes, 102 branches in 2 years 6 months
intelligentsecurity-analyticsanalyticssecuritykubernetes
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Jose Canós - SOC Analyst & Threat Detection Engineer