TC - CS - CDR - SIEM Content Developer - Senior
TC - CS - CDR - SIEM Content Developer - Senior
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
At EY youll have the chance to build a career as unique as you are with the global scale support inclusive culture and technology to become the best version of you. And were counting on your unique voice and perspective to help EY become even better too. Join us and build an exceptional experience for yourself and a better working world for all.
Job Description for MS Sentinel Consultant:
Key Responsibilities:
- Content Development: Design develop and maintain security event monitoring and alerting processes using Sentinel SIEM.
- Use Case Creation: Develop use cases under frameworks like Cyber Kill Chain and MITRE ATT&CK.
- Expected to seamlessly migrate and translate use cases from another SIEM To Sentinel
- Integration: Integrate critical devices and applications including custom parsers for unsupported systems.
- Automation: Develop automate and orchestrate tasks (playbooks) using logic apps based on specific events.
- Incident Management: Configure Sentinel incidents workbooks hunt queries and notebooks.
- Consulting: Provide consulting during testing evaluation pilot production and training phases to ensure successful deployment.
- Threat Modelling: Utilize threat modelling to enhance security monitoring and response strategies.
- Reporting: Generate intelligent reports and dashboards to provide actionable insights to stakeholders.
- Should have strong hands-on experience in:
- Installation administration and troubleshooting of OMS/AMA agent.
- Use case creation using KQL
- Configuration of Analytic Rules
- Custom parser development
- Supporting presales initiatives with regards to Microsoft Security such as answering RFPs client presentations demos.
- If required should be able to lead a team on deployment/migration activities.
Qualification & Experience:
- 3-5 years related experience in cybersecurity operations particularly in a SOC or similar environment.
- Proficiency in using security monitoring tools such as Sentinel SIEM systems IDS/IPS EDR Microsoft Defender XSOAR SOAR solutions.
- Strong knowledge of application network and infrastructure security.
- Excellent analytical problem-solving and decision-making skills.
- Ability to work under pressure and manage multiple incidents simultaneously.
- Strong communication and teamwork skills with the ability to coordinate with cross-functional teams.
- Familiarity with global cybersecurity standards and regulatory requirements.
Special Factors:
- Willing to work from ODC as and when required in rotational shift.
- Weekend availability/flexibility to work weekends is a MUST.
- Willing to support US shift (Night shift)
EY Building a better working world
EY exists to build a better working world helping to create long-term value for clients people and society and build trust in the capital markets.
Enabled by data and technology diverse EY teams in over 150 countries provide trust through assurance and help clients grow transform and operate.
Working across assurance consulting law strategy tax and transactions EY teams ask better questions to find new answers for the complex issues facing our world today.
Employment Type
Full Time
