ewandzdigital Inc. - Microsoft Sentinel Engineer (6-8 yrs)

Job Description :

Technical Skill Experience :

- Experience with creating custom: analytics rules, workbooks, and Logic Apps.

- Preferred with experience in Microsoft Sentinel SIEM, Azure Log Analytics Monitoring, Sentinel Use Case, Workbooks, Playbooks & Threat intelligence.

- Strong experience in implementation of MS Sentinel, log source integration, logic apps, use case management.

- Experience in building custom analytical rules, tuning of analytical rules, building automation through Azure logic apps, management of entire product feature, end to end configuration.

- Experience in forming KQL queries and functions for complex detection and monitoring requirements.

- Strong knowledge in MITRE attack framework and expertise in developing analytical rules and custom dashboards/workbooks across framework.

- Expert Level experience with Plan, Design, Implement and Manage the Microsoft Sentinel for Enterprise customers.

- Experience in preparing the Project Plan, Design document, Runbook, SOPs for Microsoft Sentinel Solution

- Define the SOC security architecture, ensuring that it meets the business requirements and performance goals.

- Azure Sentinel Administrator, Sentinel Architect Expert -Sentinel Use Case Build, Sentinel based SOC & Azure Logic Apps

- Assist with client transition and onboarding serving as a point of contact for Managed Security Service clients.

- Implement, configure, and maintain the SIEM and any related Azure components.

- The ability to develop, deploy and tune SIEM content such as analytics rules, workbooks, and scripts.

- Sentinel Log Analytics Knowledge of Architecture planning, Infrastructure designing deployment.

- Experience developing enterprise strategic implementation of Sentinel in large scale

- Architect and design solutions to meet functional security requirements in Azure Sentinel.

- Create and review Azure Sentinel architecture and solution design artifacts.

- Setup and configure Azure Sentinel, Azure Security Centre, Microsoft Defender, and M365 Security.

- Should have expertise in forming KQL queries and functions for complex detection and monitoring requirements.

- Experience in log management, retentions, maintenance of logs at low cost, performing access management, developing new custom dashboard based on different requirements.

- Microsoft Security certifications : If candidate has any of the following certifications it will be an added advantage Sentinel Ninja Level 400, AZ500, SC200, SC100 & MS500