Design, deploy, and configure Microsoft Sentinel to monitor, detect, and respond to security threats within clients' Microsoft cloud environments.
Collaborate with cross-functional teams to integrate Microsoft Sentinel with other security tools and technologies, ensuring seamless data flow and effective threat detection capabilities.
Conduct proactive threat-hunting activities to identify and mitigate potential security risks before they escalate.
Support internal staff, ensuring prompt and effective resolution of security-related issues.
Develop and maintain playbooks, alerts, and automated response mechanisms within Microsoft Sentinel to enhance efficiency and reduce manual intervention.
Requirements
At least 2 years of experience as a security engineer/analyst focused on supporting Microsoft Sentinel as the primary SIEM.
Strong proficiency in configuring and managing Microsoft Sentinel, including creating custom queries, dashboards, and playbooks.
Experience with other Microsoft cloud technologies such as Entra ID, Conditional Access Policies, Azure Security Centre, Defender for Office 365, Microsoft Defender for Endpoint, etc.
Proficiency in scripting and automation using languages like PowerShell, Power Automate, Logic Apps, or similar.
Solid understanding of cybersecurity principles, threat intelligence, and attack methodologies.
Excellent analytical and problem-solving skills with keen attention to detail.