ID: #14291112
Job type: Permanent
Salary: TBD
Source: UNICOM TECHNOLOGIES INC
Date: 2021-05-25
Deadline: 2021-07-24
Azure Sentinel Subject Matter Expert and Security Engineer (100% Remote)
Naperville, Illinois 60540, USA (Permanent)
Vacancy expired!
Role: Azure Sentinel Subject Matter Expert and Security Engineer
Location: Chicago (Naperville), IL, United States (remote for the duration of the pandemic)
Client: Wawatosa/TCS
Exp: 10 Plus Years
Required Technical Skill Set:
- 6-8 years of experience in deploying and managing SIEM and 10-12 years of experience in Cyber Security and SOC operations
- 2+ years' experience in Architecting, administrating, and maintaining Azure Sentinel instances
- Configure, administer, and manage Azure Sentinel
- Identify and implement Security use cases based on business requirements
- Build searches, reports, and dashboards
- Write KQL to create analytics from an approved list of alerts
- Experience with PowerShell and other scripting languages
- Integrate on-prem and cloud data sources using various data connection methods
- Create custom data connectors for non-standard technologies deployed in the tech stack
- Responsible for writing and developing custom scripts, reports and programs as needed
- Identify and establish metrics
- Responsible for proper operation, tuning and performance of Azure Sentinel
- Prepare documentation for all analytics and data connectors
- Prepare workbooks for SRC Operations, CIRT, EVM to track incidents and remediation efforts
- Prepare automation playbooks to improve the efficiency of incident response and vulnerability management alerts
- Responsible for writing Run books, Standard Operating Procedures (SOPs) and design documents
- Responsible for preparing architecture HLD and LLD
- Responsible for delivering the end-to-end Azure Sentinel security architecture and design artifacts
- Recommend and participate in the design and implementation of standards, tools, and methodologies
- Be a subject matter expert on Azure Sentinel, able to educate and guide all stakeholders through the decision-making process
- Have extensive experience in implementing, architecting, and administering Azure Sentinel and overall Microsoft Enterprise Security Suite
- Have a thorough understanding of Azure Sentinel and experience in fully operationalizing Azure Sentinel Enterprise Security in an enterprise SOC
- Have experience in using Keyword Query Language (KQL), PowerShell and other scripting languages
- Have experience in identifying, building, and deploying Security use cases
- Have experience in integrating Cloud and On-prem log sources using data connectors
- Have experience in developing and implementing custom data connectors to integrate non-standard log sources
- Have extensive experience in building searches, reports, and dashboards
- Establish and maintain configuration control and provide technical support
- Have experience in preparing Azure Sentinel documentation including but not limited to Runbook, Playbooks, Use Case Library, Architect/Design document and SOPs
- Experience in rolling out other SIEM solutions in a large enterprise
- Have experience with SOC operations and threat hunting
- Have performed an L3 support role in the past
- Have performed client-facing roles in the past
- Have worked in a global team environment
- Have worked with an international client in the past