Job Objective
Our Cyber Security Operation function works to continuously strengthen cyber security posture
through research, threat simulations, threat hunting, and offensive security engagements. This position will be
responsible for analyzing, designing, and developing commercially viable end-to-end technical solutions based on
business needs. In support of these, the role will include developing advanced correlation rules, reports, and
dashboards to detect emerging threats in SIEM & Cloud platforms. You will help design solutions for security
problems, partner with service teams and other security stakeholders to ensure rapid adoption of solutions and
mitigation of threats from beginning to end.
Roles and Responsibilities
- Sentinel SIEM, EDR, and Email Security administration and operations management.
- Integration of custom/unsupported devices with Sentinel SIEM and creation of use cases.
- EDR, MDO and E5 security policy fine-tuning.
- DNS Management
- Creation of customized reports and dashboards for presentation to various stakeholders.
- Identify and address technical or operational risks.
- SIEM and other security platform performance and capacity management
- Should be able to perform analysis of logs from various devices and develop use cases
considering evolving threat landscape for anomaly detection.
- Well versed with logging standard development and device onboarding/log source integration
of diversified devices including the ones not supported by SIEM OEM.
- Handle 24x7 operations and support various SOC activities.
- Good communication skills and stakeholder management are imperative.
Job Requirements
Educational qualifications:
- Bachelor’s degree relevant to Information Technology, Computer Science/Engineering (or equivalent).
- Advanced certifications desirable: RHEL certified, Sentinel Admin, AZ-900, CISP, CCSP, AWS Certified
Solutions Architect – Associate, Google Cloud Professional Security Engineer, Microsoft Certified: Azure
Security Engineer Associate.
Experience:
- Overall 2+ years of experience in engineering administration and cyber security.
- Strong experience in Sentinel SIEM architecture and administration.
- Proven experience in assessing, designing, deploying, and operating SIEM platforms.
- Expertise in SIEM use case creation.
- Expertise in CSPM policy creation and fine-tuning.
- Experience in defining best practices for optimized application and platform performance.
- Demonstrated expertise in modifying configurations that improve SIEM performance.
- Proficient in Kusto Query Language (KQL) and experienced in developing use cases.
- Familiar with multiple architectural, development and operational methodologies.