Your Role and Responsibilities
How we'll help you grow:
- You'll have access to all the technical and management training courses you need to become the expert you want to be
- You’ll learn directly from expert developers in the field; our team leads love to mentor
- You have the opportunity to work in many different areas to figure out what really excites you
Required Technical and Professional Expertise
- Proficient with Azure Sentinel, focusing primarily on SIEM (security information and event management) for monitoring and XDR (Extended Detection and Response) for incident response actions
- Possess knowledge of a Security Operations Center (SOC) operations
- Must-have technology experience: Azure Sentinel, Azure Sentinel SOAR, Azure Playbooks, KQL queries
- Sound knowledge of JavaScript, C#, KQL or SQL, with a development background
- Possess knowledge of log management and of the logs generated by the various applications and appliances of an IT infrastructure, for SIEM event correlation
- Ability to define various SIEM use cases based on IT environment for better detection of anomalies
- Tools: Azure Sentinel, log analysis, KQL, automation, SOAR
- Strong understanding of SOC KPIs; establish SOC performance goals and priorities
- Manage security teams, monitor threats, implement security policies, and collaborate with other departments to ensure a comprehensive security posture
- Understanding of cybersecurity frameworks such as NIST and MITRE ATT&CK (attack lifecycle management)
- Manage communications, escalations, including taking corrective action for remediation.
- Excellent written and verbal communication skills
- Knowledge of SOC automation
- Knowledge of handling and using threat intelligence feeds for threat detection purposes
- Critical incident lifecycle management and reporting, operations management, stakeholder management and vendor management
- IT Security Certifications like CISSP, CISM, etc.
Preferred Technical and Professional Expertise
- Design, build, test, deploy Sentinel SIEM and Security Architectures
- Experience with Security Information and Event Management (SIEM) tools – mainly Sentinel and QRadar
- Preferred certifications: AZ-900, SC-200 / AZ-500 and any other relevant (OEM-specific) SIEM certifications
- At least 3 years of professional experience with IT Security products and services, ideally related to Sentinel SIEM
- Understanding of the technical aspects of information security
- Participate in interconnecting the Sentinel SIEM tool with sources of security incidents – e.g. logs from servers, network and security devices, the vulnerability management system, the antivirus system, etc.
- Serve as deeply skilled and knowledgeable resource within the SIEM and SOAR technology area
- Participate in automating incident prioritization and false-positive identification
- Perform security incident analysis and recommend remediation steps