We are ITernal Group, a reliable and reputable IT company that specializes in complex software solutions. The company was established in 2019 by merging 3 companies into a single organization. Each of these companies had a background in different industries and technologies. The oldest of them was founded in 2004.
27 August 2024

Sentinel Engineer (vacancy inactive)

Remote

Our client is a cyber security services and platform company whose mission is to help our customers react faster and smarter — and stay ahead of security threats, by creating secure digital ecosystems. Our client automates processes to detect and prioritize threats early and respond rapidly and decisively.

Our client is part of the UST Global family. Some of the world’s largest enterprises trust us to create and maintain secure digital ecosystems using our comprehensive cyber security platform and mitigation services.

We are looking for a Sentinel SIEM Engineer in the Use Case Factory team to join us and become a member of our global Security Operations Team.

Main Tasks and Accountabilities:

  1. Understand customer requirements and recommend best practices related to the Sentinel solution.
  2. Offer consultative advice on security principles and best practices related to Sentinel operations.
  3. Develop new Sentinel use cases, rules, correlations, and dashboards to meet customer needs.
  4. Design and document Sentinel architectures to meet customer needs.
  5. Assist the customer with Sentinel sizing, architectures, and client technical meetings.
  6. Deploy and configure Sentinel platforms as per vendor guidelines and industry best practices.
  7. Give the client technical guidance on configuring the in-scope end log sources to log to Sentinel.
  8. Verify the data of log sources in Sentinel.
  9. Document the build of the Sentinel solution.

Mandatory Requirements

1. Experience with the Sentinel SIEM platform. The candidate may also have prior experience with other common SIEM platforms, but the most recent role needs to have been with Sentinel, as this role is expected to work only on this platform. Minimum 2 years of experience in a similar role.

2. Preferred SIEM vendor certification of .

3. Hands-on experience in KQL, writing use cases in Sentinel.

4. Experience with Function App and/or Logic App.

5. Familiarity with different security attack vectors and means of protection.

6. The person needs to be hands-on in ADX:

a. Configuration, data onboarding, and ongoing management

7. experience

a. Some familiarity would be highly desirable.

8. University degree in information security or equivalent work experience.