Microsoft Sentinel SME

About the Company:

Headquartered in California, U.S.A., GSPANN provides consulting and IT services to global clients. We help clients transform how they deliver business value by helping them optimize their IT capabilities, practices, and operations with our experience in retail, high-technology, and manufacturing. With five global delivery centers and 2000+ employees, we provide the intimacy of a boutique consultancy with the capabilities of a large IT services firm.

Job Position: Microsoft Sentinel SME

Experience Required: 10 to 12 Years.

Location: Hyderabad

Technical Skill Requirements: Microsoft Sentinel SIEM, Cybersecurity, Sentinel/XDR/SOAR, SOC, KQL, SOAR, Azure Cloud Security, EntraID

Roles & Responsibilities

• Architect, deploy, configure, and optimize Microsoft Sentinel.
• Manage data connectors, analytics rules, UEBA, watchlists, content hub, and governance.
• Develop and tune KQL rules, correlation logic, and UEBA use cases.
• Map detection content to MITRE ATT&CK, NIST CSF, CIS, and Zero Trust frameworks
• Build and optimize Logic Apps playbooks for automated alert enrichment, response, ticketing, containment, and orchestration.
• Conduct proactive threat hunting across Sentinel, Defender XDR, and integrated telemetry sources using KQL, TI feeds, IOC matching, and behavioural analytics.
• Support Tier 2/3 investigations, perform forensics, lead containment/remediation, and create incident post-mortems.
• Integrate Sentinel with Defender Suite, ServiceNow/Jira, EDR, vulnerability scanners, IAM/IDP platforms, network security tools, and third-party APIs.
• Develop dashboards and reports for ISO 27001, SOC 2, PCI-DSS, GDPR, CCPA, NIST 800-53, HIPAA compliance.
• Implement ingestion strategies, data tiering, RBAC, retention policies, and continuous platform health management.
• Participate in co-managed SOC model, lead onboarding workshops, provide stakeholder reporting, and coach operational teams.
• Maintain detection quality, evolve rule stacks, integrate threat intel, maintain Sentinel-as-Code, and support operational maturity.

Must-Have Skills:

• 7–10 years in Cybersecurity
• Hands-on Sentinel/XDR/SOAR experience
• SOC Operations experience
• Managed SOC / MSSP / Multi-Tenant experience
• Microsoft Sentinel SIEM
• KQL Querying & Detection Engineering
• SOAR (Logic Apps Automation)
• Microsoft Defender XDR Suite (Identity, Endpoint, M365, OT/IoT optional)
• Threat Intelligence & MITRE ATT&CK alignment
• IR Frameworks (DFIR, Forensics, Playbooks, Runbooks)
• Azure Cloud Security + Entra ID
• API/REST/JSON Automation
• Infrastructure + Network Security Knowledge
• DevOps/Sentinel-as-Code (GitHub, ARM, Terraform, CI/CD

Certifications (Preferred)

• SC-200, SC-100, AZ-500
• CISSP, GCIH, GCIA, CEH, CySA+, AZ-104
• Defender, Entra ID, Azure Sentinel relevance

Why choose GSPANN

“We GSPANNians” are at the heart of the technology that we pioneer. We do not service our customers, we co-create.

With the passion to explore solutions to the most challenging business problems, we support and mentor the technologist in everyone who is a part of our team. This translates into innovations that are path-breaking and inspirational for the marquee clients, we co-create a digital future with.

GSPANN is a work environment where you are constantly encouraged to sharpen your abilities and shape your growth path, We support you to become the best version of yourself by feeding your curiosity, providing a nurturing environment, and giving ample opportunities to take ownership, experiment, learn and succeed.

We’re a close-knit family of more than 2000 people that supports one another and celebrates successes, big or small. We work together, socialize together, and actively serve the communities we live in.

We invite you to carry forward the baton of innovation in technology with us.

At GSPANN, we do not service. We Co-create.

Discover your inner technologist - Explore and expand the boundaries of tech innovation without the fear of failure.

Accelerate your learning - Shape your career while scripting the future of tech. Seize the ample learning opportunities to grow at a rapid pace

Feel included - At GSPANN, everyone is welcome. Age, gender, culture, and nationality do not matter here, what matters is YOU

Inspire and Be Inspired - When you work with the experts, you raise your game. At GSPANN, you’re in the company of marquee clients and extremely talented colleagues

Enjoy Life - We love to celebrate milestones and victories, big or small. Ever so often, we come together as one large GSPANN family

Give Back - Together, we serve communities. We take steps, small and large so we can do good for the environment, weaving in sustainability and social change in our endeavors.

We invite you to carry forward the baton of innovation in technology with us.

Let’s Co-create.