Your key responsibilities
- Architecting and implementation of cloud security monitoring platforms MS Sentinel
- Provide consulting to customers during the testing, evaluation, pilot, production, and training phases to ensure a successful deployment.
- Perform as the subject matter expert on Cloud Security solutions for the customer, use the capabilities of the solution in the daily operational work for the end customer.
- Securing overall cloud environments by applying cybersecurity tools and best practices
- Advise customers on best practices and use cases on how to use this solution to achieve customer end state requirements.
- Content development which includes developing process for automated security event monitoring and alerting along with corresponding event response plans for systems
Skills and attributes for success
- Customer Service oriented - Meets commitments to customers; Seeks feedback from customers to identify improvement opportunities.
- Expertise in content management in MS Sentinel
- Good knowledge in threat modelling. Experience in creating use cases under Cyber kill chain and Mitre attack framework
- Expertise in integrating critical devices/applications including unsupported (in-house built) by creating custom parsers
- Below mentioned experiences/expertise on Sentinel
- Develop a migration plan from Splunk/QRadar/LogRhythm to MS Sentinel
- Deep understanding of how to implement best practices for designing and securing Azure platform
- Experiencing advising on Microsoft Cloud Security capabilities across Azure platform
- Configure data digestion types and connectors
- Analytic design and configuration of the events and logs being digested
- Develop, automate, and orchestrate tasks(playbooks) with logic apps based on certain events
- Configure Sentinel Incidents, Workbooks, Hunt queries, Notebooks
- Experience in other cloud native security platforms like AWS and GCP is a plus
- Scripting knowledge (Python, Bash, PowerShell)
- Extensive knowledge of different security threats
- Good knowledge and experience in Security Monitoring
- Good knowledge and experience in Cyber Incident Response
To qualify for the role, you must have
- B. Tech./ B.E. with sound technical skills
- Strong command on verbal and written English language.
- Demonstrate both technical acumen and critical thinking abilities.
- Strong interpersonal and presentation skills.
- Certification in Azure (any other cloud vendor certification is a plus)
Ideally, you’ll also have
- People/Project management skills.
You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:
- Support, coaching and feedback from some of the most engaging colleagues around
- Opportunities to develop new skills and progress your career
- The freedom and flexibility to handle your role in a way that’s right for you
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.