UST
Website:
ust.com
Job details:
Role Description
Use Case Management Engineer / Azure Sentinel SIEM Engineer / Cybersecurity Expert
CyberProof is a cyber security services and platform company whose mission is to help our customers react faster and smarter – and stay ahead of security threats, by creating secure digital ecosystems. CyberProof automates processes to detect and prioritize threats early and respond rapidly and decisively.
CyberProof is part of the UST Global family. Some of the world’s largest enterprises trust us to create and maintain secure digital ecosystems using our comprehensive cyber security platform and mitigation services.
We are looking for an Azure Sentinel SIEM Engineer in the Use Case Management team to join us and become a member of our global Security Operations Team.
Main Tasks And Accountabilities
- Understand customer requirements and recommend best practices related to the Sentinel solution.
- Offer consultative advice on security principles and best practices related to Sentinel operations.
- Develop new Sentinel use cases, rules, correlations, and dashboards to meet the customer's needs.
- Design and document Sentinel architectures to meet the customer's needs.
- Assist customers with Sentinel sizing, architectures, and client technical meetings.
- Deploy and configure Sentinel platforms according to vendor guidelines and industry best practices.
- Provide the client with technical guidance to configure in-scope log sources so that they are logged to Sentinel.
- Ensure all use cases and playbooks are well-documented, including detailed descriptions, workflow diagrams, and relevant technical configurations.
- Verify the data received from log sources in Sentinel.
Mandatory Requirements
- Experience with the Sentinel SIEM platform. Prior experience with other common SIEM platforms is welcome, but the most recent role must have been with Sentinel, as this role is expected to work primarily in that platform. Minimum of 5 years of experience in a similar role.
- A SIEM vendor administrator certification is preferred.
- Strong hands-on experience in KQL with writing Use Cases in Sentinel.
- Familiarity with different security attack vectors and means of protection.
- Knowledge of common attack frameworks such as MITRE ATT&CK, TTPs, and how they are mapped to detection rules.
- Familiarity with security monitoring, incident detection, and incident response best practices.
- Strong analytical and problem-solving skills.
- Strong communication and collaboration skills, with the ability to work effectively in a team environment.
- Ability to work independently; self-starter/self-motivated.
- University degree in information security or equivalent work experience.
- Relevant certification (e.g., GIAC GSOC, GCFA, CISSP) is an advantage.
Skills
SIEM, incident response, log analysis, network security, Python