Microsoft Azure Sentinel and SIEM Consultant

DXC Technology India
Bengaluru / Bangalore India
15-18 years
Not Specified

Job Description
Functional Questions:
Qualifications Pack Code
SSC/Q0909
Job Role
Security Operations Centre – Engineer SOC
This job role is applicable in both national and international scenarios
Sector
Information Technology – Information Technology enabled Services
Sub-sector
IT Services, IT-ITeS
Occupation
Information/Cyber Security
Drafted on
28th Sep 2020
Version Number
1.0
Base Location
Noida/Bangalore
Travel
Not required
Preferred start date
Immediate – 60 Days
Compensation incl. salary, bonus, car eligibility etc.
As per DXC salary grid
Is a degree or relevant qualification required to perform the role?
10+2+3/Equivalent (15yrs of Full time education)
Experience
3-5 years of work experience
Role Specific Questions:
Team Structure: Ask the HM to describe the team structure including team members, reporting line, direct reports and key stakeholder engagement
Is this a new position or a replacement? If a replacement, why did the last person leave? What made them successful or unsuccessful in the role?
New Position
Tell me about your current team, i.e. structure and years of experience.
New team
Where does this role fit into the team? Are there any direct reports for this role? Who will they be working with, and which key stakeholders will they be engaging with on a regular basis?
This would be mainly an individual contributor role.
Role & Project Information: Ask the HM questions to breakdown the job description and understand key deliverables and duties. Obtain an understanding of the key clients and projects associated with the role
Brief Job Description
Individuals in this job are responsible for managing and handling the SIEM from an engineering perspective, analyzing the organization's traffic and logs for threats, notifying on potential threats found and on any enhancements to existing cyber security measures, writing rules to implement detections, and creating workbooks to implement dashboards and apps. The job also involves identifying potential threats and performing enhancements to existing cyber security measures as per specifications or policy guidelines.
What does a day in the life of this role look like?
  • This role is about handling escalated alerts from monitoring the organization's traffic and logs for threats in application consoles
  • Individuals in this job are responsible for managing the SIEM infrastructure and analyzing the organization's traffic and logs for threats, and notifying on potential threats found
  • Writing rules to implement detection
  • Good Understanding of Sentinel and KQL
  • Creating playbooks to implement SOAR
  • Implementing use cases and log management
  • Creating workbooks to implement dashboards and apps
  • Following up for ticket closure with the client and on any enhancements to existing cyber security measures
  • The job also involves identifying potential threats and performing enhancements to existing cyber security measures as per specifications or policy guidelines.
  • When a security incident is declared they execute the incident response process and document the same.
  • Operate the console of security information and event management tools (SIEM)
  • Read coded scripts and modify and debug programs
  • Develop custom parsers to parse logs from different sources including firewalls, operating systems, applications, etc.
  • Work on various operating systems and platforms
  • Work with word processors, spreadsheets and presentations
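The duties above name two concrete engineering tasks, building custom log parsers and writing detection rules. The block below is an added illustration of both; it is not code from DXC or from this posting. It parses a generic key=value firewall syslog line into typed fields (the line format, field names, threshold and sample lines are all constructed assumptions) and then runs a threshold rule that flags one source denied to several destination ports within one time bin. Malformed input is counted and skipped rather than crashing the parser, because a silently rising drop count is usually the first sign that a vendor has changed its log format.

```python
"""Added illustration for the SIEM engineering duties above (custom log
parser + detection rule). Not code from DXC or from this posting; the
log format, field names, threshold and sample lines are constructed."""
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Constructed sample input in an assumed key=value firewall syslog style.
# The last line is deliberately malformed to exercise the parser's error path.
SAMPLE_LOGS = """\
2020-09-28T10:00:01Z fw01 FW: action=deny src=203.0.113.5 dst=10.0.0.10 dport=22 proto=tcp
2020-09-28T10:00:02Z fw01 FW: action=deny src=203.0.113.5 dst=10.0.0.10 dport=23 proto=tcp
2020-09-28T10:00:03Z fw01 FW: action=deny src=203.0.113.5 dst=10.0.0.10 dport=445 proto=tcp
2020-09-28T10:00:04Z fw01 FW: action=allow src=10.0.0.7 dst=10.0.0.10 dport=443 proto=tcp
2020-09-28T10:00:05Z fw01 FW: action=deny src=203.0.113.5 dst=10.0.0.11 dport=3389 proto=tcp
2020-09-28T10:20:00Z fw01 FW: action=deny src=198.51.100.9 dst=10.0.0.10 dport=22 proto=tcp
2020-09-28T10:20:01Z fw01 garbage line that the parser must skip, not crash on
"""

# Assumed line layout; a real parser would carry one pattern per vendor format.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) FW: action=(?P<action>\w+) src=(?P<src>[\d.]+) "
    r"dst=(?P<dst>[\d.]+) dport=(?P<dport>\d+) proto=(?P<proto>\w+)$"
)
EPOCH = datetime(1970, 1, 1, tzinfo=timezone.utc)


def parse_line(line):
    """Normalise one raw line into a dict of typed fields, or None if the
    line does not match: a bad line is counted and skipped, never fatal."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ev = m.groupdict()
    ev["ts"] = datetime.strptime(ev["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    ev["dport"] = int(ev["dport"])
    return ev


def parse_logs(text):
    """Parse a block of lines; return (events, number_of_dropped_lines)."""
    events, dropped = [], 0
    for line in text.splitlines():
        if not line.strip():
            continue
        ev = parse_line(line)
        if ev is None:
            dropped += 1
        else:
            events.append(ev)
    return events, dropped


def detect_port_scan(events, window=timedelta(minutes=5), min_ports=3):
    """Detection rule: a single source denied to at least min_ports distinct
    destination ports inside one time bin. Timestamps are binned to window
    boundaries (the same idea as KQL's bin()), giving one alert per (src, bin)."""
    buckets = defaultdict(set)
    for ev in events:
        if ev["action"] != "deny":
            continue
        bin_start = ev["ts"] - ((ev["ts"] - EPOCH) % window)
        buckets[(ev["src"], bin_start)].add(ev["dport"])
    alerts = []
    for (src, bin_start), ports in sorted(buckets.items()):
        if len(ports) >= min_ports:
            alerts.append({
                "src": src,
                "window_start": bin_start.isoformat(),
                "ports": sorted(ports),
                "distinct_ports": len(ports),
            })
    return alerts


if __name__ == "__main__":
    events, dropped = parse_logs(SAMPLE_LOGS)
    print(f"parsed {len(events)} events, dropped {dropped} malformed line(s)")
    for alert in detect_port_scan(events):
        print("ALERT", alert)
```

On the sample input the rule fires once, for 203.0.113.5 in the 10:00 bin (four distinct denied ports), while the single deny from 198.51.100.9 stays below the threshold. In Sentinel the same logic would live as a KQL parser function feeding an analytics rule built on summarize by bin(); the Python is only there to show the parse-then-detect flow end to end, including the malformed-line path.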

Who are the key clients and what are the projects associated with the role?
Name of the client
What are the major goals aligned to the role?
Plan and Organize
Customer Centricity
Problem Solving
Analytical Thinking
Critical Thinking
Attention to Detail
Team Working
Main Skills/Profile: Ask the HM to define the essential skills, specific requirements and personal characteristics required for the role
What are the top four skills/competencies required to be successful in the role?
  • Basic cyber security concepts
  • Relevant networking concepts, devices and terminology
  • Writing rules to implement detection
  • Good Understanding of Sentinel and KQL
  • Implementing use cases
  • Creating workbooks to implement dashboards and apps

What is the preferred background of the candidate and why?
Diploma in Engineering or any graduate course
Certification in information systems or related fields, basic soft-skills training, ethical hacking, or ISO 27001
What are the personality traits of a successful candidate for this role?
This job may require the individual to work in a team and in shifts. The individual should be result oriented and have a high attention to detail. The individual should also be able to demonstrate good communication skills and logical thinking, with willingness to work in shifts.
Selling Points: Work with the HM to define the key selling points of the role to assist with candidate attraction
Why would someone want this role? What is the value-add proposition?
Word Searches: Agree with the HM relevant technologies, qualifications or companies that can be used to assist in the search stream e.g. Excel, Oracle, PeopleSoft, Capital Markets
Are there key words that can be used for specific search strings?
Event and Log analysis and packet analysis
Network Security, SIEM
Screening Questions: Recruiter and HM to agree a minimum of 3 screening questions to ask all candidates based on the information gathered above
Question 1:
Question 2:
Candidates Under Consideration/Interview Format:
Recruitment Stages: Discover any candidates the HM may already have in process or who the HM has previous experience of
Are there any internal or external candidates that you are currently considering for the role? Please provide name and CV.
External candidate
Are there any candidates you are aware of that we should contact to discuss the role?
No
Are there any candidates you would not wish to consider for the role, and why?
No
Interview: Discuss and agree Interview format and timelines with HM
Who will be involved in the interview process? Please describe the roles of the interviewers.
Technical interview (1 day)
Client interview (1-2 days)
Manager interview (1 day)
HR round (same day, once the manager selects)
What is your preferred location for the interviews to be conducted?
Noida/Bangalore/Electronic City