GMS_CS_NGSO TDR MS Senior(TechOps - Sentinel/Defender)
EY
- Thiruvananthapuram, Kerala
- Permanent
- Full-time
- Architect and implement cloud security monitoring platforms (Azure Sentinel, Defender ATP) for various customers.
- Provide consulting to customers during the testing, evaluation, pilot, production, and training phases to ensure a successful deployment.
- Act as the subject matter expert on cloud security solutions for the customer, and apply the solution's capabilities in the end customer's daily operational work.
- Secure overall cloud environments by applying cybersecurity tools and best practices.
- Advise customers on best practices and use cases for the solution so that it meets their end-state requirements.
- Content development, including processes for automated security event monitoring and alerting, together with the corresponding event response plans for the monitored systems.
- Customer service oriented: meets commitments to customers; seeks feedback from customers to identify improvement opportunities.
- Expertise in content management in Azure Sentinel and Defender ATP
- Good knowledge of threat modelling. Experience in creating detection use cases mapped to the Cyber Kill Chain and the MITRE ATT&CK framework.
- Expertise in integrating critical devices/applications, including unsupported (in-house built) sources, by creating custom parsers.
- Experience/expertise in the following areas of Sentinel:
- Develop a migration plan from Splunk/QRadar/LogR to Azure Sentinel
- Deep understanding of how to implement best practices for designing and securing Azure platform
- Experience advising on Microsoft cloud security capabilities across the Azure platform
- Configure data ingestion types and connectors
- Analytics design and configuration for the events and logs being ingested
- Develop, automate, and orchestrate tasks (playbooks) with Logic Apps, triggered by specific events
- Configure Sentinel incidents, workbooks, hunting queries, and notebooks
- Experience with other cloud-native security platforms, such as those of AWS and GCP, is a plus
- Scripting knowledge (Python, Bash, PowerShell)
- Extensive knowledge of different security threats
- Good knowledge and experience in Security Monitoring
- Good knowledge and experience in Cyber Incident Response
- B.Tech./B.E. with sound technical skills.
- Strong command of spoken and written English.
- Demonstrate both technical acumen and critical thinking abilities.
- Strong interpersonal and presentation skills.
- Certification in Azure (any other cloud vendor certification is a plus)
- People/Project management skills.
- Support, coaching and feedback from some of the most engaging colleagues around
- Opportunities to develop new skills and progress your career
- The freedom and flexibility to handle your role in a way that's right for you