MS Sentinel

Job Summary/Objective:

We are seeking an experienced Microsoft XDR and Sentinel Expert to join our cybersecurity team. The ideal candidate will be responsible for the design, deployment, tuning, and day-to-day operations of Microsoft Sentinel (SIEM/SOAR) and the Microsoft Defender suite (XDR components). This includes Defender for Endpoint, Identity, Office 365, Cloud Apps, and Azure.

The role will play a key part in detecting, investigating, and responding to security threats across our cloud and on-premises environments using the Microsoft security ecosystem.

Qualifications: BE/B-tech In IT or MCA or equivalent

Requirements & Skills:

• Proven hands-on experience with Microsoft Sentinel and Microsoft Defender for Endpoint Implementation.

• Strong proficiency in Kusto Query Language (KQL).

• Experience with PowerShell and Logic Apps for automation.

• Deep understanding of SIEM/SOAR, EDR, XDR concepts, and cybersecurity frameworks.

• Familiarity with Microsoft 365 Defender, Azure Security Center, and related Microsoft security tools.

• Strong troubleshooting, analytical, and communication skills.

• Familiarity with MITRE ATT&CK & NIST framework.

Certifications:

CISSP/CISM/ISO 27001/20000 or any other IT Security Certification

Azure Cloud /Office365 (optional)/ SC-200/ SC-100/ AZ-500

Experience: Minimum 3 Years' Experience in IT security, SOC design & Operations.

Personal attributes:

• Excellent communication skills, both verbal and written.
• Training & Presentation Skill
• Effectively articulate ideas, convey information
• Establishing rapport, actively listening to customer needs and concerns, and demonstrate empathy
• Address customer inquiries or issues promptly and professionally
• Clear and concise communication is essential for understanding requirements & expectations

Work Environment: Posting at Faridabad /Greater Noida,

Shift

Roles and Responsibilities

Main Tasks:

• Endpoint detection and response (EDR) (Detecting security threats, Containing the threat at the endpoint, Investigating the threat, Remediating the threat before it spreads)
• User and entity behavior analytics (UEBA), Cyber threat hunting, Threat intelligence
• Cybersecurity, Threats detections. Application Penetration Testing, Public-Private Cloud Security
• Organize Security Trainings/Awareness Programs
• SOC Monthly Reports preparation & Presentation to Senior Management
• Dealing with Customers for IT security issues
• Provide Consultancy to the Customers
• Configure and manage Microsoft Defender for Endpoint (MDE) across Windows, macOS, and mobile endpoints.
• Integrate Defender with Microsoft 365 Defender and Sentinel for end-to-end visibility.
• Design and enforce endpoint protection policies, EDR settings, and attack surface reduction rules.
• Implement, and manage Microsoft Sentinel (SIEM/SOAR).
• Develop and tune analytic rules, workbooks, playbooks (Logic Apps), and hunting queries using KQL
• Integrate data connectors from various Microsoft and third-party sources (e.g., Azure, M365, security appliances)
• Lead the development of automation workflows to streamline alert handling and response.
• Act as the go-to expert for SOC teams, helping with incident triage and threat investigation.
• Provide expert guidance in security operations, threat detection, and response processes.
• Conduct knowledge transfer sessions and develop internal documentation.
• Custom parser creation for unsupported devices.
• Custom SOAR Playbook creation, Integration with REST APIs.
• Handle critical or escalated incident & provide guidance to Team.

Other Tasks:

• Identify potential risks or issues before they escalate
• Embrace change, adapt quickly to shifting IT Security needs or conditions.
• Proactively seek new opportunities for improvements and Adjust IT Security strategies accordingly
• Stay updated on industry trends to implement relevant Security solutions
• Pay attention to details to ensure project requirements and deliverables are met accurately
• Review project documentation, monitor progress
• Work closely with diverse teams, stakeholders, and clients.