Position:
Full-Time Location:
Remote Start Date:
ASAP
Nationality:
Any
Windows Management Experts (WME) is looking for a mid-level Microsoft Sentinel Architect Role for one of our valued clients. The selected candidate will implement and configure Microsoft Sentinel, a cloud-native Security Information and Event Management (SIEM) solution, to collect, aggregate, and analyze security events from various sources.
This is a massive E5 project for our client as they are moving from Splunk to Sentinel. There are about 140 automations to cut over and the main thing they are looking for is experience with Defender for Identity and Defender for Office.
Going by skills, you will cover a senior-level position. We require extensive experience in cybersecurity and systems architecture. You will design, plan, and implement comprehensive security architectures. Overall, your focus will be on creating a secure foundation for an organization’s IT infrastructure. We will require you to make long-term Strategic Planning and high-level security decisions for the client organization.
With a strong understanding of threat intelligence and integration of threat feeds into Microsoft Sentinel for proactive threat hunting and incident detection, the candidate should have demonstrated proficiency in using Azure Log Analytics to analyze and visualize security data, create custom dashboards, and generate reports for security monitoring and reporting.
All in all, WME is looking for some exceptional communication and interpersonal skills in our new team member. The candidate’s toolbox must be diverse & complete. From being technically savvy to displaying a vigorous passion for learning beyond their traditional areas of expertise, the resource must prove to be an asset to the company.
Note: The selected candidate will work 20 hours/ week.
Required Skills/Qualifications/Education:
- A Bachelor’s or Master’s degree in a relevant field with a strong academic background.
- 1-3 years of experience with Sentinel.
- Advanced certifications i.e. Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Security Architect (CISA), etc.
- Deep understanding of Microsoft Sentinel architecture i.e. data connectors, workspaces, playbooks, and hunting queries.
- Experience with Microsoft Azure Cloud platform i.e. Azure Sentinel deployment and configuration, data source integration, and automation using Azure Logic Apps.
- Strong knowledge of security technologies and concepts, such as Security Information and Event Management (SIEM), Security Operations Center (SOC), threat hunting, etc.
- Expertise in configuring and managing data connectors for various security data sources.
- Strong leadership and strategic thinking skills for shaping an organization’s security posture.
- Proficiency in managing large-scale security projects and initiatives.
- A deep understanding of compliance requirements and regulations relevant to the industry.
- Excellent communication skills to liaise with executive leadership and external partners.
- A track record of researching, evaluating, and implementing innovative security technologies and practices.
- Ability to collaborate with multiple departments and stakeholders to align security with business objectives.
- Advanced incident response and crisis management capabilities.
Responsibilities of the Desired Microsoft Sentinel Architect Role:
- Develop and continuously improve the organization’s security architecture.
- Design and implement comprehensive security solutions for all IT systems.
- Define and enforce security policies, procedures, and standards.
- Lead security risk assessments and threat modeling efforts.
- Provide strategic direction for all security initiatives.
- Act as a liaison with external security partners and vendors.
- Create and maintain documentation of security architectures, policies, and procedures.
- Design, develop, and maintain custom alert rules and detection logic in Microsoft Sentinel.
- Develop and implement security playbooks in Microsoft Sentinel to automate security incident response processes.
- Collaborate with other security teams, such as Security Operations Center (SOC) analysts and incident response teams.
- Participate in threat-hunting activities using Sentinel to proactively search for indicators of compromise (IOCs)
- Develop strong working relationships with support teams, management, and cross-functional working groups.
- Provide operational support such as training and documentation.
- Forward-thinking to identify upcoming trends and security best practices.
- Identify gaps in controls, processes, and systems and recommend solutions.
- Manage and maintain Microsoft Sentinel’s security analytics rules, including regularly reviewing and fine-tuning detection logic to optimize detection accuracy and reduce false positives/negatives.
Core Values:
- Integrity (Doing What’s Right)
- Inclusion (Encouraging Diversity)
- Teamwork (Working Together)
- Excellence (Being Your Best)
- Accountability (Taking Personal Responsibility)
Disclaimer
All the qualified applicants will receive due consideration for employment without any regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.