SIEM Sentinel Engineer
- Should have strong knowledge of Microsoft Sentinel SIEM engineering and administrative activities. Candidates in operational profiles are not eligible for this position.
- Should have performed a SIEM engineering role for more than 4 years. Problem-solving and people-management skills are required.
- Should have expertise in building and tuning custom analytics rules, building automation through Azure Logic Apps, managing the full product feature set, and end-to-end configuration.
- Should have expertise in writing KQL queries and functions for complex detection and monitoring requirements.
- Should have strong knowledge of the MITRE ATT&CK framework and expertise in developing analytics rules and custom dashboards/workbooks mapped to that framework.
- Should have expertise in log management and retention, maintaining logs at low cost, performing access management, and developing new custom dashboards for varying requirements.
- Should have a proven record of implementing Sentinel advanced features and efficient log collection mechanisms, and of deploying and maintaining log forwarders and local agents.
- Should have expertise in integrating data sources that Sentinel does not support out of the box (OOB). Custom parser development and the ability to troubleshoot technical issues in Sentinel are mandatory requirements.
- Should have the ability to prepare and maintain policy and procedure documentation for the SIEM technology; document life-cycle management skills are required.
- Should have expertise in consuming content from the Content Hub, managing the Log Analytics workspace, and handling issues with the MMA and AMA agents.
- Should have a proven record of participating in customer or client reviews or global certifications covering security controls in the SIEM. An understanding of compliance and regulatory requirements is good to have.
- Preference will be given to candidates who have completed the Sentinel Ninja Level 400 training and certification.
- Good to have: strong knowledge of Microsoft Sentinel pricing, Microsoft Defender products, Microsoft cloud services, and Azure Arc.
- Should have the ability to work with stakeholders to solve technical issues and to support and deliver complex business, security, and operational requirements.
- Should have the ability to work with the vendor's technical support group and drive issues to effective and permanent closure.
- Knowledge of and hands-on experience with the Microsoft Defender XDR stack will be an added advantage.