Microsoft Sentinel Engineer

Position: Full-Time
Location: Remote
Start Date: ASAP
Nationality: Any

Windows Management Experts (WME) is looking for a Microsoft Sentinel Engineer for one of our valued clients. The selected candidate will implement and configure Microsoft Sentinel, a cloud-native Security Information and Event Management (SIEM) solution, to collect, aggregate, and analyze security events from various sources.

As a Microsoft Sentinel Engineer, you will conduct a thorough analysis of security events and incidents using Microsoft Sentinel’s built-in query language (KQL) to investigate and identify root causes of security breaches. You’ll also manage security data sources and connectors in Microsoft Sentinel, including configuring data collection and normalization settings for various log sources such as Azure Active Directory, Azure Sentinel, Azure Firewall, and more.

Moreover, you should have deep expertise in creating and customizing advanced hunting queries in Sentinel to identify and investigate security threats and incidents. You should also be familiar with regulatory compliance requirements, such as GDPR, HIPAA, and PCI DSS, and be able to configure Sentinel to meet compliance obligations.

The candidate should have a strong understanding of threat intelligence and of integrating threat feeds into Microsoft Sentinel for proactive threat hunting and incident detection, along with demonstrated proficiency in using Azure Log Analytics to analyze and visualize security data, create custom dashboards, and generate reports for security monitoring and reporting.

All in all, WME is looking for exceptional communication and interpersonal skills in our new team member. The candidate’s toolbox must be diverse and complete: from being technically savvy to displaying a vigorous passion for learning beyond their traditional areas of expertise, the candidate must prove to be an asset to the company.

Required Skills/Qualifications/Education:

  • Bachelor’s degree in Computer Science or equivalent experience.
  • Deep understanding of Microsoft Sentinel architecture, including components such as data connectors, workspaces, playbooks, and hunting queries.
  • Proficient in designing, configuring, and implementing Microsoft Sentinel solutions to collect, analyze, and respond to security events and incidents.
  • Experience with Microsoft Azure Cloud platform, including Azure Sentinel deployment and configuration, data source integration, and automation using Azure Logic Apps.
  • Strong knowledge of security technologies and concepts, such as Security Information and Event Management (SIEM), Security Operations Center (SOC), threat hunting, incident response, and security analytics.
  • Expertise in configuring and managing data connectors for various security data sources, such as Azure Security Center, Microsoft 365 Defender, Azure Active Directory, Azure Firewall, and third-party security solutions.
  • Ability to create and manage security incidents, alerts, and rules in Microsoft Sentinel to detect, triage, and respond to security events.
  • Experience with creating and customizing playbooks in Microsoft Sentinel to automate security response actions, such as sending notifications, blocking IPs, and running remediation scripts.
  • Experience with Azure Sentinel incident management and tracking, including incident escalation, assignment, and resolution.
  • Proficient in using Azure Monitor and Azure Security Center in conjunction with Microsoft Sentinel for comprehensive security monitoring and threat detection across cloud and on-premises environments.
  • Ability to create and manage security baselines, customized analytics, and alert suppression rules in Sentinel to optimize security monitoring and reduce false positives.
  • Ability to remain cooperative and professional in stressful situations.
  • Working experience in a 24×7 environment.
  • Well-organized, with great attention to detail.

Responsibilities of the Desired Microsoft Sentinel Engineer Role:

  • Design, develop, and maintain custom alert rules and detection logic in Microsoft Sentinel to detect and respond to security threats in real time.
  • Develop and implement security playbooks in Microsoft Sentinel to automate security incident response processes, including creating incidents, triggering notifications, and executing remediation actions.
  • Collaborate with other security teams, such as Security Operations Center (SOC) analysts and incident response teams, to provide technical expertise in identifying and resolving security incidents using Microsoft Sentinel.
  • Participate in threat-hunting activities using Sentinel to proactively search for indicators of compromise (IOCs) and potential security threats within the organization’s environment.
  • Develop strong working relationships with support teams, management, and cross-functional working groups.
  • Provide operational support such as training and documentation.
  • Think ahead to identify upcoming trends and security best practices.
  • Identify gaps in controls, processes, and systems and recommend solutions.
  • Manage and maintain Microsoft Sentinel’s security analytics rules, including regularly reviewing and fine-tuning detection logic to optimize detection accuracy and reduce false positives/negatives.
  • Conduct regular security assessments and audits of Microsoft Sentinel’s configuration and performance.
  • Provide technical guidance and support to other members of the security team, including training on advanced features and functionalities.
  • Stay up to date with the latest threat intelligence, security trends, and Microsoft Sentinel updates.
  • Troubleshoot technical issues including investigating and resolving data ingestion failures, query performance issues, and other operational challenges.
  • Design and implement custom dashboards, visualizations, and reports in Microsoft Sentinel to provide meaningful insights into security events and incidents for various stakeholders, including executives, auditors, and regulators.
  • Participate in incident response and forensics investigations using Microsoft Sentinel, including conducting deep-dive analysis of security incidents, documenting findings, and providing recommendations for improving security controls.

Core Values:

  • Integrity (Doing What’s Right)
  • Inclusion (Encouraging Diversity)
  • Teamwork (Working Together)
  • Excellence (Being Your Best)
  • Accountability (Taking Personal Responsibility)

Disclaimer

All the qualified applicants will receive due consideration for employment without any regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.
