
IBM Security Specialist-Network L3 
India, Maharashtra, Mumbai 
414815638

05.08.2024

Your Role and Responsibilities
SIEM-Sentinel Admin

How we’ll help you grow:

  • You’ll have access to all the technical and management training courses you need to become the expert you want to be
  • You’ll learn directly from expert developers in the field; our team leads love to mentor
  • You have the opportunity to work in many different areas to figure out what really excites you


Required Technical and Professional Expertise

  • Proficient with Azure Sentinel (now Microsoft Sentinel), focusing primarily on SIEM (security information and event management) for monitoring and XDR (extended detection and response) for incident response actions
  • Knowledge of Security Operations Center (SOC) operations
  • Must-have technology experience: Azure Sentinel, Sentinel SOAR, Sentinel playbooks (Azure Logic Apps), KQL queries
  • Sound development background in JavaScript, C#, KQL or SQL
  • Knowledge of log management and of the logs generated by the various applications and appliances in an IT infrastructure, for SIEM event correlation
  • Ability to define SIEM use cases tailored to the IT environment for better detection of anomalies
  • Tools: Azure Sentinel, log analysis, KQL, automation, SOAR
  • Strong understanding of SOC KPIs; ability to establish SOC performance goals and priorities
  • Manage security teams, monitor threats, implement security policies, and collaborate with other departments to ensure a comprehensive security posture
  • Understanding of cybersecurity frameworks such as NIST and MITRE ATT&CK (adversary tactics and techniques across the attack lifecycle)
  • Manage communications and escalations, including taking corrective action for remediation
  • Excellent written and verbal communication skills
  • Knowledge of SOC automation
  • Knowledge of handling and using threat intelligence feeds for threat detection
  • Critical incident lifecycle management and reporting; operations management, stakeholder management and vendor management
  • IT security certifications such as CISSP, CISM, etc.


Preferred Technical and Professional Expertise

  • Design, build, test and deploy Sentinel SIEM and security architectures
  • Experience with Security Information and Event Management (SIEM) tools, mainly Sentinel and QRadar
  • Preferred certifications: AZ-900, SC-200 or AZ-500, and other relevant OEM-specific SIEM certifications
  • At least 3 years of professional experience with IT security products and services, ideally related to Sentinel SIEM
  • Understanding of the technical aspects of information security
  • Participate in connecting the Sentinel SIEM to its sources of security events, e.g. logs from servers, network and security devices, the vulnerability management system, antivirus systems, etc.
  • Serve as a deeply skilled and knowledgeable resource in the SIEM and SOAR technology area
  • Participate in automating incident prioritization and false-positive identification
  • Perform security incident analysis and recommend remediation steps