
L2 Azure Sentinel
6 hours ago
Overview:
Seeking a Security Analyst with expertise in Microsoft Sentinel and the Microsoft Defender Suite (EDR, XDR, SIEM, SOAR). Role involves threat detection, incident response, threat hunting, and automation using KQL, PowerShell, Defender for Cloud, Defender for Office 365, MDVM, Copilot for Security, and ServiceNow SecOps SIR for incident tracking and workflow management.
Total Experience:
2+ Years || Overall – 5 Years
Job Technologies:
2+ years with Microsoft Sentinel in a SOC environment. Strong KQL skills; experience in threat hunting and incident handling. Familiarity with Azure Security Center, Defender Suite, Azure AD logs. Experience with ServiceNow SecOps SIR for incident workflow and ticketing. Understanding of MITRE ATT&CK and incident lifecycle. Experience onboarding log sources and building SOAR workflows. Knowledge of NIST, ISO 27001, CIS Controls. Solid grasp of network, cloud, and endpoint security. PowerShell scripting for automation.
Responsibilities:
Manage and optimize Microsoft Sentinel for detection, investigation, and response. Build and tune Analytics Rules, Workbooks, and Hunting Queries (KQL). Develop Logic Apps / Playbooks for automated workflows. Onboard data connectors (M365, Azure AD, MDE, Firewall logs, custom APIs). Monitor and respond to alerts from MDE, MDO, MDI, Defender for Cloud, and MDVM. Correlate incidents via Microsoft 365 Defender (XDR). Use Copilot for Security for investigations and reporting. Leverage the ServiceNow SecOps SIR module for case management, escalation, and incident lifecycle tracking. Perform threat hunting, triage, root cause analysis, and remediation. Fine-tune rules to reduce false positives. Produce SOC dashboards and compliance reports.
Azure Sentinel SOC L2 L3 Mumbai
5 days ago
Bengaluru, India (Capgemini, Full time)
4-9 years previous Security Operations Centre L2/L3 support. Experience in conducting security investigations. Must have experience on Azure Sentinel. Experience with KQL use case creation and fine tuning and Workbook development. Experience on tools such as SIEM, EDR, Firewall, IDS, IPS, Vulnerability Management, Web Filtering, etc. Experience on...
Azure Sentinel 4 to 6 Years Chennai
3 days ago
Bengaluru, India (Capgemini, Full time)
SIEM monitoring: Monitor incoming alerts. Monitor SIEM health. Monitor incoming SIEM tickets. Alert Investigation & Reporting: Provide initial triage for all SIEM alerts. Escalate alert to L2 when appropriate and as indicated by SOP. Collect and include any relevant evidence for escalated alerts. This includes investigation steps already done, what...
SOC L2 Sentinel
2 weeks ago
Bengaluru, Karnataka, India (vega consulting, Full time)
1. A senior SOC analyst would work closely with the SOC team and be responsible for incident detection, triage, analysis, and response. 2. Hands-on experience with configurations and management of SIEM tools (Qradar (preferred), Azure Sentinel, and Splunk), including log source integrations, custom parsers built, fine tuning and optimizing the correlation...
Azure Sentinel 9 to 12 Years Pan India
2 days ago
Bengaluru, India (Capgemini, Full time)
Provide superior technical security expertise to ensure that the Security Operations Centre (SOC) is always delivering a professional service to its customers. Conduct detailed analytical queries and investigations; identify areas that require specific attention; identify indicators of compromise (IOC) or events of interest (EOI) that need further investigation and...
Azure logic apps- Sentinel
3 days ago
Bengaluru, Hyderabad, Pune, India (Capgemini, Full time, ₹ 15,00,000 - ₹ 25,00,000 per year)
Role & responsibilities: We are seeking a skilled and proactive Microsoft Sentinel Platform Engineer to lead the design, implementation, and management of Microsoft Sentinel across enterprise-scale environments. The ideal candidate will possess strong expertise in KQL, incident response, client engagement, and multi-tenant Azure environments. This role...
Azure Sentinel 6 to 9 Years Bengaluru
2 weeks ago
Bengaluru, India (Capgemini, Full time)
Strong background developing Azure Sentinel analytics rules, incidents, playbooks, notebooks, workbooks, and threat hunting within the Azure Cloud. Strong and demonstrated background working with Log Analytics Workspaces, Kusto Query Language (KQL), and dashboard\workbook development. Strong understanding of Azure PaaS services. Solid experience with Logic Apps in...
L2 Azure Sentinel
1 hour ago
Bengaluru, India (TERRALOGIC, Full time)
Overview: Seeking a Security Analyst with expertise in Microsoft Sentinel and the Microsoft Defender Suite (EDR, XDR, SIEM, SOAR). Role involves threat detection, incident response, threat hunting, and automation using KQL, PowerShell, Defender for Cloud, Defender for Office 365, MDVM, Copilot for Security,...
Azure Sentinel 09 to 12 Years Bengaluru
1 week ago
Bengaluru, India (Capgemini, Full time)
Provide superior technical security expertise to ensure that the Security Operations Centre (SOC) is always delivering a professional service to its customers. Conduct detailed analytical queries and investigations; identify areas that require specific attention; identify indicators of compromise (IOC) or events of interest (EOI) that need further investigation and...
Microsoft Sentinel Professional
1 week ago
Bengaluru, Hyderabad, Pune, India (IDESLABS PRIVATE LIMITED, Full time, ₹ 15,00,000 - ₹ 25,00,000 per year)
Job Details: Skills - Microsoft Sentinel. Experience - 6+ Years. Location - Hyderabad, Bengaluru, Pune, Chennai. Job type - Contract to HIRE. Primary Skills: Strong experience with Microsoft Sentinel architecture, including workspaces, playbooks, and automation. Expertise in Azure Cloud, including Azure Defender for Cloud, XDR (MDE/MDI/MDO), and Azure Entra ID. Proficiency...
Azure Sentinel Sme 6 to 9 Years Pan India
7 days ago
Bengaluru, India (Capgemini, Full time)
**SIEM maintenance**: Content fine-tuning (use-cases, hunting queries, playbooks, workbooks etc.). Log flow monitoring and anomaly detection. **Onboarding of customers**: Participate in creation of a customer onboarding plan. Connecting data sources to Sentinel and validating them with customers. Creating content for those data sources. SIEM content...