Microsoft Sentinel
7 days ago
Role Summary:
We are seeking an experienced Microsoft Security Engineer with strong hands-on expertise in Microsoft Sentinel (SIEM/SOAR) and Microsoft Intune (Endpoint Compliance & Access Control). The candidate will be responsible for designing, implementing, customizing, and supporting our SIEM dashboards, threat detection rules, connectors, and device compliance policies to strengthen our cybersecurity posture.
This is a core technical role the candidate must have direct hands-on experience in end-to-end deployment of both Sentinel and Intune in enterprise environments.
Key Responsibilities:
Microsoft Sentinel (SIEM):
- Enable and configure data connectors: Azure Activity, AWS CloudTrail/GuardDuty, On-prem AD, Cisco ASA/Firepower, FortiGate firewalls.
- Deploy and manage Syslog collector VMs for firewall/AD log ingestion.
- Configure IoC/IoA threat intelligence feeds (MISP, OTX, Recorded Future, etc.).
- Build custom dashboards (Top Talkers, Incident Overview, Events per Device, Rule Hits, Device Coverage).
- Write and implement custom KQL correlation rules (beyond Microsoft built-ins).
- Tune rules to reduce false positives and align with SOC operational needs.
- Provide incident playbooks/runbooks for SOC team.
Microsoft Intune (MDM):
- Review existing Intune configuration and optimize policies.
- Define and implement device onboarding (corporate devices + BYOD).
- Configure compliance validation policies (encryption, AV, OS patch levels).
- Define and implement conditional access (CA) policies for O365, SaaS apps, and internal systems.
- Integrate Intune with Defender for Endpoint and Sentinel for unified risk visibility.
- Generate compliance dashboards and audit-ready reports.
Cross-Functions:
- Work with Architect/Lead to align design with security framework.
- Document all configurations, rules, dashboards, and policies.
- Conduct structured knowledge transfer sessions for SOC/IT teams.
- Support audit and regulatory readiness (ISO 27001, PDPL, GDPR, etc.).
Required Skills & Experience:
- 8-12 years of hands-on experience in enterprise security engineering.
- Minimum 3+ years direct, practical experience with Microsoft Sentinel (KQL, connectors, dashboards, rules).
- Minimum 3+ years direct, practical experience with Microsoft Intune (compliance, CA, device onboarding).
- Strong expertise in Azure AD, Conditional Access, Defender for Endpoint integration.
- Proven experience writing custom KQL correlation rules (beyond out-of-box templates).
- Familiarity with Syslog/CEF ingestion for firewalls and AD logs.
- Experience integrating multi-cloud (Azure + AWS) into Sentinel.
- Solid understanding of IoC/IoA feeds and Threat Intelligence integrations.
- Strong documentation and KT delivery experience.
Certifications preferred:
SC-200: Microsoft Security Operations Analyst
- SC-300: Microsoft Identity and Access Administrator
- SC-400: Microsoft Information Protection
- MS-101/MD-101: Microsoft 365 Enterprise Admin / Modern Desktop Administrator
Soft Skills:
- Strong communication and stakeholder-facing ability.
- Ability to lead discussions with security teams and senior management.
- Problem-solving mindset balancing business risk vs technical enforcement.
- Can work independently and deliver under tight timelines.
-
Microsoft Entra
2 weeks ago
Chennai, Tamil Nadu, India dotSolved Systems Inc. Full time ₹ 15,00,000 - ₹ 25,00,000 per yearMicrosoft Entra:Identity & Access Management: Entra Id (Azure Ad), Role-Based Access Control (RBAC), Privileged Identity Management (PIM), Single Sign-On (SSO), Multi-Factor Authentication (MFA)Conditional Access & Security: Risk-Based Policies, Location/Device-Based Access, Identity Protection, Monitoring Risky Sign-Ins Hybrid & External Identity: Azure Ad...
-
SOC Analyst L1
2 weeks ago
Chennai, Tamil Nadu, India Kryptos Technologies Full time ₹ 30,000 - ₹ 50,000 per yearRole & responsibilitiesMonitor security alerts via Microsoft Sentinel and Defender XDR.2. Perform initial triage and analysis of incidents.3. Execute first-level containment actions (endpoint isolation, credential disablement).4. Escalate complex incidents to L2 Team. Exhibit strong analytical and communication skills.5. Maintain incident logs and ITSM...
-
Urgent System Administrator
3 weeks ago
Chennai, Tamil Nadu, India Everrenew Full timeJob Title: System AdministratorLocation: Head Office, Chennai PerungudiDepartment: ITExperience: 8-10 yearsJob Summary:This position will manage and support our IT infrastructure across multiple sites and will have strong hands-on experience in Active Directory, Microsoft 365, Entra ID, Endpoint Security, and Firewall management, along with a robust...
-
System Administrator
4 weeks ago
Chennai, Tamil Nadu, India Everrenew Full timeJob Title: System AdministratorLocation: Head Office, Chennai PerungudiDepartment: IT Experience: 8-10 yearsJob Summary:This position will manage and support our IT infrastructure across multiple sites and will have strong hands-on experience in Active Directory, Microsoft 365, Entra ID, Endpoint Security, and Firewall management, along with a robust...
-
Senior Security Engineer
1 week ago
Chennai, Tamil Nadu, India Cynosure Corporate Solutions Full time ₹ 8,00,000 - ₹ 20,00,000 per yearRole Purpose:We are seeking a Senior Security Engineer with a strong foundation in security incident response, infrastructure security, and expertise in a wide range of security tools and platforms. The ideal candidate will have 7+ years of hands-on experience in securing enterprise environments, managing high workloads, and acting as a subject matter expert...
-
System Administrator
2 weeks ago
Chennai, Tamil Nadu, India Everrenew Full time ₹ 6,00,000 - ₹ 18,00,000 per yearJob Title: System AdministratorLocation: Head Office, Chennai PerungudiDepartment: ITExperience: 8-10 yearsJob Summary:This position will manage and support our IT infrastructure across multiple sites and will have strong hands-on experience inActive Directory,Microsoft 365,Entra ID,Endpoint Security, andFirewall management, along with a robust understanding...
-
SOC Lead, Cyber Security Lead
2 weeks ago
Chennai, Tamil Nadu, India Kryptos Technologies Full time ₹ 15,00,000 - ₹ 25,00,000 per yearRole & responsibilities• Manage end-to-end SOC operations.• Supervise shift leads, analysts, and specialist teams.• Ensure SLA adherence and incident closure rates.• Conduct monthly service reviews withthe customer.• Own KPI tracking and continuous improvement initiatives.• Point of escalation for major incidents.Preferred candidate profileJob...
-
SOC Engineer
2 days ago
Chennai, Tamil Nadu, India, Tamil Nadu Tata Consultancy Services Full timeContinuously monitor: Monitor security alerts and events from various sources, including Microsoft Sentinel, Defender for Endpoint and Defender for Cloud.Perform log management: Perform log ingestion, define use cases, and create alerts for critical assets.Develop Detection Rules: Create, implement, and fine-tune analytical rules, alerts, and queries in...
-
SOC Lead
1 week ago
Chennai, Tamil Nadu, India Cynosure Corporate Solutions Full time ₹ 15,00,000 - ₹ 25,00,000 per yearRole & responsibilitiesLead customer engagements on SIEM & SOAR implementation with use case and playbook documentation.Provide hands-on solutions, customization and tuning, automation, and use case development for different SIEM solutions.Collaborating with multiple stakeholder teams including the SOC, Threat Modeling & Hunting Teams.Creating strategies,...
-
Chennai, Tamil Nadu, India Deloitte Full time ₹ 12,00,000 - ₹ 36,00,000 per yearSummaryPosition SummaryCyberDeloitte Cyber understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful insights to help our clients navigate the ever-changing threat landscape. Through powerful insights and managed services that simplify complexity, we enable businesses to operate with resilience,...
