Azure Sentinel
Employment Type: Full-Time
Key Requirements:
- Architect, Implement, Manage and lead Security Operations Centre infrastructure, use cases, alerts, and configurations
- Implement and operationalize RCSIRT, SOAR, SIEM, DLP, network monitoring, and forensic tools, with at least 3 implementations' experience across Azure Sentinel, Splunk, Exabeam Fusion SIEM, Securonix next-generation SIEM, XDR, CrowdStrike Falcon, McAfee EDR, Mimecast, Proofpoint, Zscaler, McAfee, McAfee DLP, ManageEngine Service Desk Plus & Data Security Plus, Qualys Guard, Qualys Web Application Scanner, DeepSource, and Microsoft Intune.
- Expert in Cloud Security architecture specifically on Azure & AWS.
- Should possess cross-platform integration experience to improve the overall orchestration of security tools.
- Well-versed in well-known security frameworks such as ISO 27001 / NIST CSF / PCI DSS / STRIDE / MITRE / SSAE16, etc.
- Ensure key information security risks and issues are identified, addressed, and resolved in a timely manner.
- Acquire artifacts from a client or server during an investigation using different tools.
- Assess the efficacy of security controls, and document and report control failures and gaps to stakeholders. Provide remediation guidance and prepare management reports to track remediation activities.
- Develop relevant metrics, analyze data, identify trends, and help drive improvements to the control environment.
- Recommend security monitoring or device tuning to reduce false-positive detections.
- Build and run various phishing, vishing, and smishing campaigns.
- Must have experience working with the following technologies: endpoint detection and response, PowerShell, anti-virus, email security, Linux, DLP, deception tools, and cloud platform security.
- Implement SOC Automation and mature operations excellence.