This is a remote position.
Job Summary
Our customer requires third-party expertise in Microsoft Sentinel to define, build and test security use cases in collaboration with the wider security functions defined in the operating model.
These third-party engineering services will coordinate with team members across Secure Place, Comms and Collab, and SMI (the key stakeholders defined in the Cyber SOC Factory Model, and the primary contributors to and users of its inputs/outputs), along with various other product and operational teams, to discover and prioritise security use cases through analysis of the data sources being ingested into the customer's Microsoft Sentinel instance. This will ensure they have relevant mitigating controls in place for the risks and control gaps defined as part of our Security Risk Management process.
THIS IS A SoW BASED ENGAGEMENT AND PAYMENTS ARE MILESTONE BASIS I.E. AGAINST CUSTOMER APPROVED DELIVERY NOTE FOR EACH MILESTONE.
Responsibilities & Duties
Procure Security Engineering support to undertake the tasks of defining and building security use cases within MS Sentinel by analysing data sources and events from across all of the customer's integrating products, with a built-in knowledge transfer element to pass knowledge and skills to the customer's engineering colleagues. Work will be outcome based and payments will be tied to delivery milestones.
Strategic:
- Analyse the customer's requirements and priorities to collaborate in delivering against their wider strategic roadmap.
- Help configure and develop the customer's Azure Subscription that hosts their Sentinel production instance.
- Mature the customer's monitoring, alerting, hunting and reporting based on data ingested into Sentinel (specifically Azure/M365 logs).
- Improve the customer's security status by reducing risks and attacks against their Azure / M365 environments.
- Help discover threat vectors to the customer's Azure / M365 environments.
- Provide guidance on how to best meet industry best practices for the deployment and operational live service of Sentinel.
Tactical:
- Co-design, develop, deploy and review Sentinel Analytics rules.
- Co-design, develop, deploy and review Sentinel Workbooks and Notebooks.
- Co-design, develop, deploy and review Sentinel automation and integration playbooks.
- Configure and optimise (health and cost) our Sentinel-connected Log Analytics Workspace.
- Co-design, develop, deploy and review our Syslog Connector.
Essential Skills
- Prior experience in analysing the customer's requirements and priorities to collaborate in delivering against our wider strategic roadmap.
- Prior experience in configuring and developing the Azure Subscription that hosts the customer's Sentinel production instances.
- Excellent at monitoring, alerting, hunting and reporting based on data ingested into Sentinel (specifically Azure/M365 logs).
- Prior expertise in improving the customer's security status by reducing risks and attacks against the customer's Azure/M365 environment.
- Discovering threat vectors to the customer's Azure / M365 environment.
- Co-design, develop, deploy and review Sentinel Analytics rules.
- Co-design, develop, deploy and review Sentinel Workbooks and Notebooks.
- Co-design, develop, deploy and review Sentinel automation and integration playbooks.
- Configure and optimise (health and cost) the customer's Sentinel-connected Log Analytics Workspace.
- Co-design, develop, deploy and review our Syslog Connector.
- Experience using security products such as XDR, EDR, IDS/IPS and SOAR.
- Deep understanding of risk assessment and management methods.
- Experience working with various multidisciplinary teams in an agile manner.
- Regulatory compliance experience such as GDPR, NIST and ISO 27001.
- Proficiency in KQL for advanced query writing.
- Proven ability in designing, developing and automating incident response playbooks.
- Experience securing environments across multiple cloud providers.
Nice to have Skills
- Producing technical documentation in alignment with organisational standards.
- Taking the lead during technical workshops to define specific use case requirements.
- Highlighting technical or process dependencies and working with business stakeholders to negotiate resolutions.
- Proposing optimal reporting methods for delivered security use cases to demonstrate control effectiveness.
- Knowledge of ITSM products such as ServiceNow.
- Experience in designing and implementing machine learning models or advanced analytics for anomaly detection.
- Knowledge of other SIEM platforms.
- Experience in leading or managing a SOC, with a deep understanding of SOC workflows, KPIs and operational challenges.
- Knowledge of securing containerised environments.
Background Check Required: Not Required
Benefits
- Weekly Hours: 40 hours.
- Day Rate: £825.00 plus VAT, all-inclusive basis.
- Overtime: Yes (subject to the project manager's written approval).
- Expenses Allowed: No.
- Extension: Possible.
- Language: Fluent in English.
- IR35 regulation applicable.
Additional Assessment
- Interview
- Presentation
Evaluation Weighting
- Technical competence: 60%
- Cultural fit: 20%
- Price: 20%
Full Time