MS Sentinel

Job Description We are seeking an experiencedMicrosoft XDR and Sentinel Expertto join our cybersecurity team. The ideal candidate will be responsible for the design, deployment, tuning, and day-to-day operations of Microsoft Sentinel (SIEM/SOAR) and the Microsoft Defender suite (XDR components). This includes Defender for Endpoint, Identity, Office 365, Cloud Apps, and Azure. The role will play a key part in detecting, investigating, and responding to security threats across our cloud and on-premises environments using the Microsoft security ecosystem. Qualifications:BE/B-tech In IT or MCA or equivalent Requirements & Skills: - - Proven hands-on experience with Microsoft Sentinel and Microsoft Defender for Endpoint Implementation. - - - Strong proficiency inKusto Query Language (KQL). - - - Experience withPowerShellandLogic Appsfor automation. - - - Deep understanding of SIEM/SOAR, EDR, XDR concepts, and cybersecurity frameworks. - - - Familiarity with Microsoft 365 Defender, Azure Security Center, and related Microsoft security tools. - - - Strong troubleshooting, analytical, and communication skills. - - - Familiarity with MITRE ATT&CK & NIST framework. - Certifications: CISSP/CISM/ISO 27001/20000 or any other IT Security Certification Azure Cloud /Office365 (optional)/ SC-200/ SC-100/ AZ-500 Experience:Minimum 3 Years Experience in IT security, SOC design & Operations. Personal attributes: - - Excellent communication skills, both verbal and written. - - Training & Presentation Skill - - Effectively articulate ideas, convey information - - Establishing rapport, actively listening to customer needs and concerns, and demonstrate empathy - - Address customer inquiries or issues promptly and professionally - - Clear and concise communication is essential for understanding requirements & expectations - Work Environment: Posting at Faridabad /Greater Noida, Shift Main Tasks: - - Endpoint detection and response (EDR) (Detecting security threats, Containing the threat at the endpoint, Investigating the threat, Remediating the threat before it spreads) - - User and entity behavior analytics (UEBA), Cyber threat hunting, Threat intelligence - - Cybersecurity, Threats detections. Application Penetration Testing, Public-Private Cloud Security - - Organize Security Trainings/Awareness Programs - - SOC Monthly Reports preparation & Presentation to Senior Management - - Dealing with Customers for IT security issues - - Provide Consultancy to the Customers - - Configure and manage Microsoft Defender for Endpoint (MDE) across Windows, macOS, and mobile endpoints. - - Integrate Defender with Microsoft 365 Defender and Sentinel for end-to-end visibility. - - Design and enforce endpoint protection policies, EDR settings, and attack surface reduction rules. - Implement, and manage Microsoft Sentinel (SIEM/SOAR). - Develop and tune analytic rules, workbooks, playbooks (Logic Apps), and hunting queries using KQL - Integrate data connectors from various Microsoft and third-party sources (e.g., Azure, M365, security appliances) - Lead the development of automation workflows to streamline alert handling and response. - Act as the go-to expert for SOC teams, helping with incident triage and threat investigation. - Provide expert guidance in security operations, threat detection, and response processes. - Conduct knowledge transfer sessions and develop internal documentation. - Custom parser creation for unsupported devices. - Custom SOAR Playbook creation, Integration with REST APIs. - Handle critical or escalated incident & provide guidance to Team. Other Tasks: - Identify potential risks or issues before they escalate - Embrace change, adapt quickly to shifting IT Security needs or conditions. - Proactively seek new opportunities for improvements and Adjust IT Security strategies accordingly - Stay updated on industry trends to implement relevant Security solutions - Pay attention to details to ensure project requirements and deliverables are met accurately - Review project documentation, monitor progress - Work closely with diverse teams, stakeholders, and clients.