Job Description Sentinel Specialist
Designation: Sentinel Specialist
Job Role:
Collaborate with the global leadership team in terms of being accountable for
Microsoft SIEM Sentinel services for global customers that includes presales
consulting implementation service delivery customer management team
management and service operations.
Experience:
Minimum 5 to 7 years of hands on relevant experience in managing cyber security
IT projects delivered globally with excellent customer satisfaction
JobLocation: vCyberiz Pvt Ltd Bangalore
Shifts: Day Shifts. However the resource may need to work Flexible Hours to provide
extended support & be available on call when required.
Responsibilities
Assess the current SIEM environment and requirements of the clients and propose a migration plan to Sentinel.
Configure and deploy Sentinel connectors workbooks analytics rules playbooks
and dashboards.
Integrate Sentinel with other Azure and thirdparty security services and tools.
Perform data ingestion normalization enrichment and correlation using Sentinels builtin and custom log sources and parsers.
Plan and execute migrations from other SIEM platforms (such as Splunk ArcSight QRadar etc.) to Microsoft Sentinel.
Develop migration strategies including data migration log source integration and configuration transfer.
Optimize Sentinels performance scalability and reliability.
Monitor and troubleshoot Sentinels health and operational issues.
Provide training and documentation to the clients on how to use and manage
Sentinel.
Stay updated on Sentinels latest features updates and best practices.
Develop and maintain documentation including deployment guides runbooks and best practices.
Essential Technical skills:
Indepth Design and Implementation Experience in implementing Microsoft Sentinel
for global customers
Must have done at least 3 major Sentinel implementations using Light House
Expertise in creating use cases and playbooks based on industry best practices
Must have implemented custom log sources and use cases
Must have customer facing experience in terms of doing POCs
Providing standard gap analysis services to internal business and technology
partners
Good Understanding of IT security policy procedure design and implementation
In Depth experience in managing security incidents and critical alerts
Expertise in KQL language
Expertise in dashboard creation for various customers
Configuring deployment and prevention policies based on business risks
Experience in handling correlation of alerts and reports in Sentinel
Basic Knowledge on security models such as ITIL ISO27002 PCI DSS and Cobit 5
SC200 Certification (Microsoft Security Operations Analyst) or SC900 Certification
Bachelor s degree preferably in Computer Science or Information Systems and /or equivalent formal training or work experience
Behavioral Skills:
Effective interpersonal team building team management and communication skills Ability to collaborate; be able to communicate clearly and concisely both to laypeople and peers be able to follow instructions make a team stronger for your
presence and not weaker
Ability to see the bigger picture and differing perspectives; to compromise to balance competing priorities and to prioritize the user
Desire for continuous improvement of the worthy sort; always be learning and
seeking improvement avoid change aversion and excessive conservatism equally avoid harmful perfectionism notinvented here syndrome and damaging pursuit of the bleeding edge for its own sake
Learn things quickly while working outside the area of expertise.
Analyze a problem and realize exactly what all will be affected by even the smallest of change you make in your design
Ability to communicate complex technology to non
tech audience in simple and precise manner
Qualifications
Bachelors degree in Computer Science Engineering or related field or equivalent work experience.
At least 7 years of experience in deploying and managing SIEM solutions such as Splunk QRadar ArcSight or LogRhythm.
At least 1 year of experience in migrating from other SIEM tools to Sentinel.
Strong knowledge of Azure cloud services and security features.
Proficient in PowerShell Azure CLI Kusto Query Language (KQL) and Logic Apps.
Familiar with security standards and frameworks such as NIST ISO and CIS.
Excellent communication presentation and problemsolving skills.
Certifications in Azure Security Sentinel or other SIEM tools are preferred.
The primary objectives of the Security Operations Engineer are to design and build Security Operations Centers for our clients and implement the required parts of Security Information and Event Management (SIEM) environment. Design build test deploy Sentinel SIEM and Security Architectures. Serve as a deeply skilled and knowledgeable resource within the Sentinel SIEM technology area. Participate in project teams providing consultation on information security designs. The Sentinel Security Engineer will work as part of a dynamic team to improve customer security and ensure customer satisfaction through your work to design deploy and manage the Microsoft security stack and the Microsoft Sentinel SIEM.
arcsight,security standards,kusto query language (kql),security,azure cloud services,siem,team management,documentation,microsoft siem sentinel,powershell,splunk,logic apps,siem solutions,migration,customer management,implementation,sentinel,azure cli,qradar
Sentinel Specialist
