Azure Sentinel Specialist – Security Engineering

Job Category Enterprise Technology This position will be involved in developing engineering SIEM SOAR solutions across the current and future security portfolio with a strong initial focus on Microsoft Sentinel The ideal candidate should have experience configuring managing and optimizing Azure Sentinel to support a mature SOC This role involves working closely with IT security teams to enhance our security posture while ensuring compliance with industry standards and best practices Responsibilities Responsibilities Manage all aspects of a SIEM SOAR including subscription management query optimization workbook playbook management analytic rules and cost optimization Collaborating internally and across the organization in driving cloud adoption of security technologies Stay current with industry trends best practices and emerging technologies related to DevOps and cloud computing Extensive collaboration with technical and business facing stakeholders to engineer solutions which exceed customer expectations and drive significant business value Implement and monitor security standards across development testing and production environments Collaborate with Cloud operational engineering teams to resolve deployment issues and ensure smooth operations Deploy configure and manage Azure Sentinel solutions for effective security monitoring and incident response Integrate Azure Sentinel with various data sources native and non-native connectors and Azure services to ensure comprehensive threat visibility across the organization Create and fine-tune analytics rules workbooks and playbooks to automate and improve threat detection and response processes Utilize futuristic tools technology and frameworks for enhancing business experience Participate in the development of a healthy product backlog ensuring agile practices are followed Proactively identify opportunities to improve and automate existing technologies Support strategic vision for new infrastructure and systems by providing input on roadmaps value maps in partnership with business stakeholders that aligns with the overall corporate strategy Support organizational wide Disaster Recovery and Business Continuity plans and strategy so the organization is prepared for potential events Support 24x7 security operations as needed Qualifications Qualifications Basic Qualifications Bachelor s degree in Computer Science Cyber Security or Information Systems 2 years of proven hands-on experience with SIEM SOAR with a strong preference for Microsoft Sentinel Microsoft certifications such as SC-200 and SC-100 knowledge of Azure DevOps tools and services including Azure Pipelines Repos Artifacts and Boards Familiarity with threat intelligence platforms and cybersecurity frameworks such as NIST or MITRE ATT CK 1 year with engineering expertise with Full stack hands-on expertise with infrastructure including IaC such as Terraform or ARM templates 1 year of experience developing end-end using APIs and or scripting languages such as Powershell Python YAML JSON NodeJS etc 1 year leading projects and implementations Proficiency in creating custom queries using Kusto Query Language KQL Preferred Qualifications Technical Skills Understanding with hands-on experience of IT Security and Security Engineering technologies such as CASB CSPM Email Security Gateways SIEM SOAR Endpoint Protection EDR XDR DLP etc Significant experience with security orchestration automation and response SOAR tools Technical knowledge of cloud platforms Azure is strongly preferred Experience engineering reusable tools and self-service capabilities with automated infrastructure operations Experience in creating frontend components that support accessibility Proven experience in engineering solutions that improve the developer or user experience and productivity Hands-on experience setting up CI CD pipelines OpenShift Tekton or GitHub Actions or alike Knowledge of secure coding practices Experience setting up serverless functions using GCP Cloud Run or Cloud functions and configuring the respective cloud provider for scaling Robust knowledge of system design principles including reliability availability and scalability Understanding of security frameworks Experience setting up logging and monitoring services Dynatrace GCP Ops Suites Proven ability to implement and prove out POCs with speed vision and quality Strong consulting and analytical skills and a risk management mindset Other Skills Demonstrates the ability to be highly collaborative with peers across the organization Possess a high tolerance for ambiguity and ever-changing technology environment Possess a strong bias for action Naturally curious and stays on top of emerging trends and threats interpersonal skills with the ability to communicate effectively at all levels of the organization Familiarization with agile concepts Ability to thrive in working in a fast-paced technologically forward-leaning environment and are not afraid to push the boundaries of security capabilities A sense of intellectual curiosity and a burning desire to learn You may not check every box or your experience may look a little different from what we ve outlined but if you think you can bring value to Ford Motor Company we encourage you to apply