Key Responsibilities:
1. Design & Implementation:
• Integrate Azure Sentinel with on-premises and cloud-based resources for comprehensive threat visibility.
• Develop and manage Log Analytics Workspaces and data connectors.
2. Security Monitoring & Threat Detection:
• Create and maintain custom rules, alerts, and automation playbooks.
• Analyze security events, identify threats, and provide actionable recommendations.
• Monitor and manage SIEM dashboards for real-time threat intelligence.
3. Incident Response & Management:
• Respond to security incidents and conduct root cause analysis.
• Coordinate with stakeholders to mitigate risks and resolve vulnerabilities.
4. Optimization & Automation:
• Enhance Sentinel performance by optimizing data ingestion and query performance.
5. Documentation & Reporting:
• Develop and maintain documentation for configurations, processes, and incident responses.
• Generate detailed reports on security incidents, trends, and recommendations.
Qualifications & Skills:
• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field.
• Proven experience with Azure Sentinel, Microsoft Defender, and Azure Security tools.
• Strong understanding of SIEM platforms and security operations.
• Knowledge of KQL (Kusto Query Language) for writing log queries and analytics rules.
• Familiarity with threat detection frameworks like MITRE ATT&CK.
• Experience with incident response, threat hunting, and SOC operations.
