Security Associate Manager

Consult with customers to customize and configure Microsoft Sentinel along with developing use cases for security monitoring. • Administration of SIEM environment (eg: deployment of solution, user management, managing the licenses, upgrades and patch deployment, addition or deletion of log sources, configuration, management, change management, report management, manage backup and recovery etc.) • Security Use case development, Construction of SIEM content required to produce Content Outputs (e.g., correlation rules, reports, report templates, queries) • Should be thorough in troubleshooting Microsoft Sentinel platform and application issues, escalate the issue and work with Microsoft Sentinel support to resolve issues. • Integration of customized threat intelligence content feeds provided by the Threat Intelligence and Analytics service. • Integrate SIEM with a wide variety of supported and unsupported data sources. • This is a hands-on role, requiring strong technical skills as well as a good understanding of the Cyber security problem and solutions. Skills and Qualifications: • Bachelor’s Degree in Engineering/computer science/ Information Technology or other relevant fields. • In-depth knowledge in core security domain (SIEM and SOC) • Direct architecture design, administration experience and certifications with one or more SIEM/ Security Solutions (i.e. LogRhythm, Microsoft Sentinel, Splunk, QRadar, ArcSight) • Programming and scripting skills. • Knowledge on MITRE ATT&CK, TTPs • Good understanding of network protocols & architecture and cloud infrastructure.