CyberProof - Team Lead - Azure Sentinel (5-6 yrs)
CyberProof
We are seeking a highly skilled and experienced Team Lead to manage.
You will lead a team responsible for developing, optimizing, and maintaining detection rules, use cases, and playbooks within Azure Sentinel, ensuring our clients' security posture is robust and effective.
This role requires a blend of technical proficiency, leadership skills, and excellent customer communication abilities.
Main Tasks and Accountabilities :
Azure Sentinel Expertise & Implementation :
- Understand and translate customer security requirements into effective Azure Sentinel solutions.
- Provide consultative advice on security principles and best practices related to Azure Sentinel operations.
- Develop new Azure Sentinel use cases, rules, correlations, and dashboards to meet customer needs.
- Design and document Azure Sentinel architectures tailored to customer requirements.
- Assist customers with Azure Sentinel sizing, architecture planning, and technical meetings.
- Provide technical guidance to customers on configuring log sources for ingestion into Azure Sentinel.
- Verify the integrity and accuracy of log source data within Azure Sentinel.
Detection Engineering & Content Development :
- Apply expertise in KQL to develop and optimize detection rules and use cases within Azure Sentinel.
- Utilize knowledge of attack frameworks like MITRE ATT&CK and TTPs to map detection rules effectively.
- Ensure thorough documentation of all use cases and playbooks, including detailed descriptions, workflow diagrams, and technical configurations.
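As an added illustration of what the detection engineering bullets above amount to in practice (this is not content from the posting or from CyberProof), the block below is a scheduled analytics rule in the YAML shape used for Sentinel rule templates: a KQL query over SigninLogs that flags an IP address producing many failed Entra ID sign-ins across several accounts and then a successful one, with the rule mapped to the MITRE ATT&CK tactic and technique it covers. The thresholds, rule name, description and the all-zero id are assumptions and placeholders; the id must be replaced with a freshly generated GUID per rule.

```yaml
# Added example, not part of the job posting. Field names follow the
# analytics-rule YAML layout used for Sentinel rule templates; the
# thresholds, name and placeholder id below are assumptions.
id: 00000000-0000-0000-0000-000000000000   # placeholder: generate a fresh GUID
name: Password spray followed by successful sign-in from same IP
description: |
  Flags an IP address that produced at least 10 failed Entra ID sign-ins
  against 3 or more distinct accounts within the last hour and then produced
  a successful sign-in after its last failure.
severity: High
requiredDataConnectors:
  - connectorId: AzureActiveDirectory
    dataTypes:
      - SigninLogs
queryFrequency: 1h
queryPeriod: 1h        # must cover the lookback used inside the query
triggerOperator: gt
triggerThreshold: 0
tactics:
  - CredentialAccess   # ATT&CK tactic the rule is mapped to
relevantTechniques:
  - T1110              # Brute Force
query: |
  let lookback = 1h;
  let failThreshold = 10;   // assumed; tune per tenant
  let userThreshold = 3;    // assumed; spray hits many accounts, not one
  // In SigninLogs, ResultType "0" is a successful sign-in; any other value
  // is a failure code (wrong password, MFA denied, account locked, ...).
  let failures = SigninLogs
      | where TimeGenerated > ago(lookback)
      | where ResultType != "0"
      | summarize FailedAttempts = count(),
                  DistinctUsers = dcount(UserPrincipalName),
                  LastFail = max(TimeGenerated) by IPAddress
      | where FailedAttempts >= failThreshold and DistinctUsers >= userThreshold;
  // Keep only successes from a flagged IP that happened after its last failure.
  SigninLogs
  | where TimeGenerated > ago(lookback)
  | where ResultType == "0"
  | join kind=inner failures on IPAddress
  | where TimeGenerated > LastFail
  | project TimeGenerated, IPAddress, UserPrincipalName,
            FailedAttempts, DistinctUsers, LastFail
entityMappings:
  - entityType: Account
    fieldMappings:
      - identifier: FullName
        columnName: UserPrincipalName
  - entityType: IP
    fieldMappings:
      - identifier: Address
        columnName: IPAddress
version: 1.0.0
kind: Scheduled
```

Two points a reviewer of such a rule would check: queryPeriod must be at least as long as the lookback the query uses, or the scheduled run silently sees less data than the author intended; and the tactic/technique mapping lives in the rule metadata, not in the query, which is what lets coverage be reported against ATT&CK without reading every query.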
Team Leadership & Mentorship :
- Manage and mentor a team of security engineers focused on detection rule, use case, and playbook development in Azure Sentinel.
- Ensure the team adheres to established timelines and delivery expectations.
- Foster a collaborative and high-performing team environment.
Customer Relations & Communication :
- Effectively communicate technical concepts to both technical and non-technical audiences.
- Provide excellent customer service and build strong client relationships.
- Collaborate with cross-functional teams to ensure seamless service delivery.
Technical Skills :
- Minimum 5 years of hands-on experience with the Azure Sentinel SIEM platform.
- At least 5 years of experience in detection engineering or cybersecurity research.
- Strong proficiency in KQL for writing use cases in Azure Sentinel.
- Familiarity with various security attack vectors and protection methods.
- Knowledge of common attack frameworks (MITRE ATT&CK, TTPs).
- Understanding of security monitoring, incident detection, and incident response best practices.
- A SIEM vendor administrator certification is preferred.
Leadership & Soft Skills :
- Proven experience managing technical teams.
- Strong analytical and problem-solving skills.
- Excellent communication and collaboration skills.
- Ability to work independently and as a self-starter.
Education & Certifications :
- University degree in information security or equivalent work experience.
- Relevant certifications (e.g., GIAC GSOC, GCFA, CISSP) are an advantage.
Technical Skills Breakdown :
Azure Sentinel :
- Use Case Development
- Rule Creation & Optimization
- Correlation Logic
- Dashboard Design
- Log Source Configuration
- Architecture Design
- KQL (Kusto Query Language).
Cybersecurity :
- Detection Engineering
- Incident Detection & Response
- Threat Intelligence
- MITRE ATT&CK Framework
- TTPs (Tactics, Techniques, and Procedures)
- Security Monitoring.
General :
- SIEM administration.
Benefits :
- Competitive salary and benefits package.
- Opportunity to work with cutting-edge Azure security technologies.
- Collaborative and supportive work environment.
- Opportunities for professional growth and development.