Position: Full-Time
Location: Remote
Start Date: ASAP
Nationality: Any
Windows Management Experts (WME) is looking for a Microsoft Sentinel Associate (not architect level) for one of our valued clients. The selected candidate will assist in monitoring and managing security systems, respond to security alerts, and carry out routine security tasks under the supervision of more experienced Sentinel professionals.
This is a large Microsoft 365 E5 project: the client is migrating from Splunk to Microsoft Sentinel, with about 140 automations to cut over. The experience they value most is with Microsoft Defender for Identity and Microsoft Defender for Office 365.
As a Microsoft Sentinel Associate, you will assist in analyzing security incidents and vulnerabilities to determine their severity. You will also maintain and update security documentation and procedures. You’ll also support routine security audits, vulnerability assessments, and compliance checks.
You will also manage security data sources and connectors in Microsoft Sentinel, including configuring data collection and normalization settings for log sources such as Azure Active Directory (now Microsoft Entra ID), Azure Firewall, and others.
You should also be proficient in creating and customizing KQL hunting queries in Sentinel to identify and investigate security threats and incidents, and be familiar with regulatory compliance requirements such as GDPR, HIPAA, and PCI DSS and with configuring Sentinel to support those obligations.
All in all, WME is looking for exceptional communication and interpersonal skills in our new team member. The candidate’s toolbox must be diverse and complete: from being technically savvy to showing a genuine passion for learning beyond their traditional areas of expertise, the candidate must prove to be an asset to the company.
Note: The selected candidate will work 40 hours/week.
Required Skills/Qualifications/Education:
- A Bachelor’s degree in a relevant field such as cybersecurity, computer science, or information technology.
- 1-3 years of experience in Sentinel.
- Basic understanding of cybersecurity principles such as threat detection, incident response, and security technologies.
- Strong analytical and problem-solving abilities to identify and assess security risks.
- Deep understanding of Microsoft Sentinel architecture.
- Proficient in designing, configuring, and implementing Microsoft Sentinel solutions.
- Experience with Microsoft Azure Cloud platform.
- Strong knowledge of security technologies and concepts.
- Ability to create and manage security incidents, alerts, and rules in Microsoft Sentinel.
- Experience with creating and customizing playbooks in Microsoft Sentinel.
- Effective written and verbal communication skills.
- A willingness to learn and adapt to new technologies and security tools.
- Familiarity with common security tools and software used in monitoring and securing systems.
- Entry-level certifications such as CompTIA Security+ can be a plus.
- A commitment to security protocols, regulations, and attention to detail.
- Basic understanding of networking fundamentals.
- Multitasking abilities to handle and prioritize multiple tasks efficiently in a dynamic environment.
- Experience with Microsoft Sentinel incident management and tracking.
Responsibilities of the Desired Microsoft Sentinel Associate Role:
- Monitor security systems and tools for suspicious activities and potential security incidents.
- Analyze security events and incidents in depth using Microsoft Sentinel’s query language (KQL) to investigate and identify the root causes of security breaches.
- Design, develop, and maintain custom alert rules and detection logic in Microsoft Sentinel.
- Develop and implement security playbooks in Microsoft Sentinel to automate security incident response processes.
- Participate in security awareness and training initiatives to educate staff.
- Collaborate with senior team members during incident response efforts to mitigate and resolve security incidents.
- Assist in the installation, configuration, and management of security software and tools.
- Report security incidents and findings to senior team members and management.
- Help with the deployment of security patches and updates to ensure systems are up to date.
- Maintain an inventory of security hardware and software assets.
- Stay informed about emerging cybersecurity threats and trends.
- Follow and enforce security policies and guidelines within the organization.
- Assist in basic troubleshooting of security-related issues.
- Participate in threat-hunting activities using Sentinel to proactively search for indicators of compromise (IOCs).
- Identify gaps in controls, processes, and systems and recommend solutions.
- Manage and maintain Microsoft Sentinel’s security analytics rules.
- Conduct regular security assessments and audits of Microsoft Sentinel’s configuration and performance.
- Collaborate with Microsoft support and engineering teams to escalate and resolve technical issues related to Microsoft Sentinel.
Core Values:
- Integrity (Doing What’s Right)
- Inclusion (Encouraging Diversity)
- Teamwork (Working Together)
- Excellence (Being Your Best)
- Accountability (Taking Personal Responsibility)
Disclaimer
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.