  • ID: #14291112
  • Job type: Permanent
  • Salary: TBD
  • Source: UNICOM TECHNOLOGIES INC
  • Date: 2021-05-25
  • Deadline: 2021-07-24

Vacancy expired!

Role: Azure Sentinel Subject Matter Expert and Security Engineer
Location: Chicago (Naperville), IL, United States (remote until the pandemic ends)
Client: Wawatosa/TCS
Experience: 10+ years

Required Technical Skill Set:

  • 6-8 years of experience in deploying and managing SIEM, and 10-12 years of experience in Cyber Security and SOC operations.
  • 2+ years' experience in Architecting, administrating, and maintaining Azure Sentinel instances
  • Configure, administer, and manage Azure Sentinel
  • Identify and implement Security use cases based on business requirements
  • Build searches, reports, and dashboards
  • Write KQL to create analytics from an approved list of alerts
  • Experience with PowerShell, and other scripting languages
  • Integrate on-prem and cloud data sources using various data connection methods
  • Create custom data connectors for non-standard technologies deployed in the tech stack
  • Responsible for writing and developing custom scripts, reports and programs as needed; identify and establish metrics
  • Responsible for proper operation, tuning and performance of Azure Sentinel
  • Prepare documentation for all analytics and data connectors
  • Prepare workbooks for SRC Operations, CIRT, EVM to track incidents and remediation efforts
  • Prepare automation playbooks to improve the efficiency of incident response and vulnerability management alerts
  • Responsible for writing Run books, Standard Operating Procedures (SOPs) and design documents
  • Responsible for preparing architecture HLD and LLD
  • Responsible for delivering the end-to-end Azure Sentinel security architecture and design artifacts
  • Recommends and participates in the design and implementation of standards, tools, and methodologies
  • Good analytical and communication skills

Desired Skill Set:
  • Be a subject matter expert on Azure Sentinel and able to educate/guide all stakeholders through decision making process
  • Have extensive experience in implementing, architecting, and administering Azure Sentinel and overall Microsoft Enterprise Security Suite
  • Have a thorough understanding of Azure Sentinel and experience in fully operationalizing Azure Sentinel Enterprise Security in an enterprise SOC
  • Have experience in using Keyword Query Language (KQL), PowerShell and other scripting languages
  • Have experience in identifying, building, and deploying Security use cases
  • Have experience in integrating Cloud and on-prem log sources using data connectors
  • Have experience in developing and implementing custom data connectors to integrate non-standard log sources
  • Have extensive experience in building searches, reports, and dashboards
  • Establish and maintain configuration control and provide technical support
  • Have experience in preparing Azure Sentinel documentation including but not limited to Runbook, Playbooks, Use Case Library, Architect/Design document and SOPs
  • Have thorough understanding of Security Operations and overall enterprise Security requirements

Good To Have:
  • Experience in rolling out other SIEM solutions in large enterprise
  • Have experience with SOC operations and threat hunting
  • Have performed an L3 support role in the past
  • Have performed client-facing roles in the past
  • Have worked in a global team environment
  • Have worked with an international client in the past
