Cyber Security Engineer L3

ID: 662 | 8-12 yrs | India | careers

Job Title: Cyber Security Engineer L3

Job Location: Hinjewadi Phase-1, Pune (WFO)

Experience: 8+ Years

Shift: Rotational Shift (5 Days Working)

Qualification: BE, BTech

Job Description:

We are seeking a highly skilled and experienced Azure Sentinel SIEM & XDR Implementation & configuration Engineer to join our team. In this role, you will be responsible for the design, implementation, and maintenance of Azure Sentinel SIEM solutions to meet the security monitoring and threat detection needs of our organization. The ideal candidate will have a strong background in cybersecurity, hands-on experience with Azure Sentinel, and a proven track record of successful SIEM implementation projects.

Responsibilities:

Design and architect Azure Sentinel SIEM solutions tailored to the organization's security requirements and infrastructure.

Implement and configure Azure Sentinel to collect, correlate, and analyze security event data from various sources, including Azure services, on-premises systems, and third-party tools.

Writing and managing Kusto Query Language (KQL) queries for custom log analytics.

Integrate Azure Sentinel with other Microsoft security products (e.g., Microsoft Defender ATP, Azure Security Center) and third-party security solutions to provide comprehensive threat detection and response capabilities.

Creating automated workflows with the help of logic app that connect security tools (such as Sentinel, Defender, and other third-party solutions). & Automating common tasks like ticket creation, user notifications, and security policy enforcement.

Conduct proof-of-concept evaluations for new Azure Sentinel features, updates, and integrations, and provide recommendations for their adoption.

Monitor the performance and effectiveness of Azure Sentinel deployments, fine-tuning configurations as needed to optimize detection accuracy and minimize false positives.

Provide technical guidance and support to the cybersecurity team and other IT stakeholders on Azure Sentinel usage, best practices, and troubleshooting.

Stay up to date on the latest cybersecurity threats, trends, and technologies, and incorporate this knowledge into enhancing the organization's security posture through Azure Sentinel.

Requirements:

Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field.

Certified Security Engineer - Microsoft

Proven experience designing, implementing, and managing SIEM solutions, with specific expertise in Azure Sentinel.

In-depth knowledge of Azure cloud services and architecture, including Azure Active Directory, Azure Virtual Networks, Azure Monitor, and Azure Security Center.

Strong understanding of cybersecurity principles, threat detection techniques, and incident response methodologies.

Proficiency in scripting and automation using PowerShell, Python, or other relevant languages for Azure Sentinel

Excellent analytical and problem-solving skills, with the ability to analyze complex security events and identify potential threats.

Effective communication skills, with the ability to collaborate with cross-functional teams and present technical information to non-technical stakeholders.

Prior experience working in a cybersecurity operations or incident response role is a plus.

Ability to work independently and manage multiple priorities in a fast-paced environment.

Core Skills:

Azure Sentinel

Knowledge of SIEM concepts.

KQL query development and troubleshooting.

Experience in managing Sentinel workbooks and playbooks.

Azure Logic Apps:

Experience in workflow automation and orchestration.

Knowledge of API integration with other security tools.

Strong scripting and automation knowledge.

Microsoft Defender for XDR:

Deep understanding of endpoint and cloud security.

Incident response and threat investigation.

Familiarity with threat intelligence feeds and correlation.