Azure Sentinel Details

Ayita Technologies - Franklin Park, NJ

Employment Type : Full-Time

Key Requirements:


  • Architect, implement, manage, and lead Security Operations Centre infrastructure, use cases, alerts, and configurations
  • Implement and operationalize RCSIRT, SOAR, SIEM, DLP, network monitoring, and forensic tooling, with at least three implementations of tools such as Azure Sentinel, Splunk, Exabeam Fusion SIEM, Securonix Next-Gen SIEM, XDR, CrowdStrike Falcon, McAfee EDR, Mimecast, Proofpoint, Zscaler, McAfee DLP, ManageEngine ServiceDesk Plus and DataSecurity Plus, QualysGuard, Qualys Web Application Scanner, DeepSource, and Microsoft Intune
  • Expert in cloud security architecture, specifically on Azure and AWS
  • Experience integrating security tools across platforms to improve the overall orchestration of the security stack
  • Well-versed in established security frameworks and standards such as ISO 27001, NIST CSF, PCI DSS, STRIDE, MITRE, and SSAE 16
  • Ensure key information security risks and issues are identified, addressed, and resolved in a timely manner.
  • Acquire forensic artifacts from client and server systems during investigations using a range of tools
  • Assess the efficacy of security controls, and document and report control failures and gaps to stakeholders. Provide remediation guidance and prepare management reports to track remediation activities.
  • Develop relevant metrics, analyze data, identify trends and help drive improvements to the control environment
  • Recommend tuning of monitoring rules and security devices to reduce false-positive detections
  • Build and run phishing, vishing, and smishing campaigns
  • Must have hands-on experience with the following technologies: endpoint detection and response, PowerShell, antivirus, email security, Linux, DLP, deception tools, and cloud platform security
  • Implement SOC automation and drive operational maturity