This role is about handling esclated alert from monitoring organizations traffic and logs for threats in application consoles
Individuals at this job are responsible for managing SIEM infrastructure using Microsoft Azure Sentinel and analyzing organizations traffic and logs for threats. Notifying potential threats found.
Writing rules to implement detection
Good Understanding of Microsoft Azure Sentinel and KQL
Creating playbooks to implement SOAR
Implementing use cases and log management
Managing Microsoft Azure Sentinel Workspace and Subscription
Good undrestanding on Microsfot Azure Sentinel Architecture,design and implementation
Ingesting logs and onboard log souces into Sentinel.
Creating workbooks to implement dashboards and apps
following-up for ticket closure with the client and any enhancements to existing cyber security measures.
The job also involves identifying potential threats and performing enhancements to existing cyber security measures as per specifications or policy guidelines.
When a security incident is declared they execute incident response process and document the same.
Operate the console of security information and event management tools (SIEM) , Microsoft Azure Sentinel
read coded scripts and modify and debug programs
develop custom parsers to parse logs from different sources including firewalls, operating systems, applications, etc.
work on various operating systems and plat
work with word processors, spreadsheets and presentations
Bachelor's degree or equivalent combination of education and experience
Bachelor's degree in computer science, management information systems, or related field preferred
CISSP certification preferred
Six or more years of experience in computer science, management information systems, or data security experience
Experience working with information and network security practices, software, and hardware
Experience working with operating systems
Experience working with computer programming
Experience working with computer desktop packages such as Microsoft Word, Excel, etc.
Experience working with security architecture
Good analytical and problem solving skills for resolving security issues
Organization skills to balance and prioritize work
Interpersonal skills to interact with customers and team members
Good communication skills to interact with team members and support personnel
Good skills in implementing and configuring networks and network components
Ability to work with relational databases
Ability to work independently and as part of a team
May require shift work
May require weekend work