SIEM Administrator - Azure Sentinel @ A2Mantra

Job Description

Job Description Should have strong knowledge in MS Sentinel SIEM engineering and administrative activities. Should have performed SIEM engineering role more than 4+ years. Problem solving & People management skills are required. Should have expertise in building custom analytical rules, tuning of analytical rules, building automation through Azure logic apps, management of entire product feature, end to end configuration. Should have expertise in forming KQL queries and functions for complex detection and monitoring requirements. Should have strong knowledge in MITRE attack framework and expertise in developing analytical rules and custom dashboards/workbooks across framework. Should have expertise in log management, retentions, maintenance of logs at low cost, performing access management, developing new custom dashboard based on different requirements. Should have proven record of implementing Sentinel advanced features, efficient log collection mechanisms, deployment. and maintenance of log forwarders, maintenance of local agents. Leverage Threat Intelligence feeds in Sentinel analytics and SOAR Good to have proficiency in Linux, Python, PowerShell Should have expertise in integrating data sources which are not supported by Sentinel tool. Custom parser development and ability to solve technical issues in Sentinel are must have requirements. Should have expertise in consuming contents from content hub and management of log analytics workspace and ability to handle issues in MMA and AMA agents. Preference will be given for candidates completed Sentinel Ninja Level 400 Training and Certification. Good to have strong knowledge in Microsoft defender products, Microsoft Cloud services and Azure Arc. Should have ability to work with vendor technical support group and driving issues towards effective and permanent closure. Preferred Skills : Azure Sentinel, Integration, Parser. (ref:hirist.tech

Employement Category:

Employement Type: Full time
Industry: Security / Detective Services
Role Category: IT Operations / EDP / MIS
Functional Area: Not Applicable
Role/Responsibilies: SIEM Administrator - Azure Sentinel

+ View Contact

Keyskills:   Linux Python PowerShell MS Sentinel SIEM engineering Azure logic apps KQL queries MITRE attack framework Threat Intelligence feeds Sentinel advanced features Threat Intelligence feeds SOAR Microsoft defender products Microsoft Cloud services Azure Arc