Description

Required Skills:

• 5+ years of IT experience, with a minimum of 3 years of hands-on experience deploying, configuring, and troubleshooting Microsoft Sentinel SIEM and Microsoft Defender.
• An understanding of threat detection and response is critical, including the ability to create, manage, and investigate alerts, understanding security threats, anomalies, and breach patterns.
• Hands-on experience in KQL, including developing use cases in Microsoft Sentinel
• Experience in Function App and /or Logic App development.
• Strong core foundation experience in fundamental cloud technologies and services
• Relevant professional certifications in Cloud (AWS, GCP, Microsoft Azure e.g. SC-100: Microsoft Cybersecurity Architect) and IT Security (Security+, CISSP, CCSP) are highly desirable.
• Superior problem solving and decision-making skills to resolve work issues with the ability to work under pressure in a dynamic environment.
• Knowledge of the Financial Services industry is a definite asset.
• Strong communication (verbal/written) and good interpersonal skills to build relationships with internal and external business partners and vendors; Wealth Management domain skills are an asset.

Roles and responsibilities:

• Lead the log onboarding and integration process for Microsoft Sentinel SIEM, ensuring successful integration of various log sources onto the SIEM, including the development of custom use cases where required
• Maintain and administer security monitoring and alerting systems and processes, ensuring ongoing visibility into the security of IGM environments
• Continuously improve the efficiency of threat detection, alerting and response through use case development, tuning and automation
• Configure and monitor the Security Information and Event Management (SIEM) platform for security alerts; integrate and work with the firm's Managed Security Services Provider (MSSP) services
• Utilize scripting languages, including PowerShell, Python, and KQL, to automate tasks and enhance system functionality.
• Development of advanced Sentinel queries and workbooks, including Logic/Function App development
• Create and maintain system documentation for security event processing.
• Expand the usage of security monitoring tools to improve the security of the environment based on business use cases or changes in threat landscape, root causes from security incident response, or output from security analytics
• Assist in the incident response processes to contain, remediate, and recover from security incidents
• Maximize security tools to continuously improve the detection, prevention, and analysis of security incidents
• Maintain, administer, and integrate threat detection and remediation capabilities into security operations to address emergent cyber threats to IGM products, services, data, and infrastructure.
• Maintain and administer the day-to-day activities of Microsoft Sentinel Security Incident and Event Management (SIEM), including:
  o SIEM platform operations
  o Log integration
  o Use cases
  o Use case tuning
  o Logging and monitoring
  o Log analysis and correlation
  o Security Orchestration (SOAR)
  o Runbooks for critical incident types
  o Security Monitoring / User and Entity Behavior Analytics (U

Desired Skills and Experience

KQL

Education

ANY GRADUATE