Assistant Manager – Sentinel Administration

Job Title: Assistant Manager – Microsoft Sentinel Administration 📍 Location: [Remote] 🧭 Department: Information Security Group (ISG) 👤 Reports To: VP – Head of Cyber Defense Center Duration: 6 months 🔎 Job Purpose: The Assistant Manager – Sentinel Administration will be responsible for the end-to-end management of Microsoft Sentinel , a cloud-native SIEM and SOAR platform. This includes configuring data connectors, developing analytics rules, building dashboards and reports, managing playbooks for automated incident response, and collaborating with cross-functional teams to ensure effective threat monitoring, detection, and response across the organization’s IT landscape. 🎯 Key Responsibilities: Security Event Monitoring & Analytics: Ensure continuous monitoring of integrated systems using Sentinel Develop and tune analytics rules to enhance threat detection and reduce false positives Connect and manage diverse data sources (Azure, Microsoft 365, on-prem systems) Dashboards & Reporting: Design workbooks and dashboards for real-time visibility Generate periodic reports and provide insights to stakeholders on security posture Automation & Response: Develop playbooks using Azure Logic Apps Automate incident response workflows to reduce MTTD and MTTR System Maintenance & Optimization: Monitor system performance and apply patches/updates as needed Optimize data ingestion, retention policies, and ensure platform scalability Compliance & Documentation: Maintain up-to-date documentation of configurations and procedures Support audits and align operations with industry standards and organizational policies Collaboration & Support: Work closely with SOC, IT, and other business units Train Sentinel users and participate in incident investigations and post-mortems 🌐 Key Working Relationships: Internal: Local CISOs, ISG team, SOC, Business Units (LOD1-3), Risk, Compliance, Fraud, Internal Audit External: Regulators, Industry Supervisors ⚙️ Key Skills and Competencies: Technical Expertise: 7+ years in Information Security, with at least 4–5 years in Microsoft Sentinel and SIEM tools like ArcSight Strong understanding of SIEM/SOAR operations, threat detection, and incident response Experience in PowerShell, Azure Logic Apps, and automation tooling Hands-on experience in building dashboards, custom visualizations, and configuring data connectors Industry Knowledge: Familiarity with security frameworks and standards: NIST 800-61, ISO 27035, CERT/CC, PCI-DSS Exposure to BFSI sector and experience supporting SOC functions Soft Skills: Strong analytical, communication, and stakeholder management skills Ability to solve complex security challenges with creative and technical solutions Effective cross-team collaboration during incidents and investigations 🎓 Qualifications & Certifications: Bachelor’s degree in Computer Science, Information Technology, or a related field Preferred Certifications: Microsoft Certified: Security Operations Analyst Associate (SC-200) Microsoft Certified: Azure Security Engineer Associate (AZ-500) 🧠 Key Attributes: Proactive and detail-oriented approach to threat detection Committed to upholding confidentiality, integrity, and availability of data Adaptable to evolving technologies and security threat landscapes Passionate about automation and continuous improvement in security operations 📈 Decision Making & Authority: Acts as a Subject Matter Expert (SME) for Microsoft Sentinel within the Cyber Defense Center Responsible for ensuring compliance with security incident response policies and regulatory requirements Supports the Head of Cyber Defense Center in achieving the organization’s InfoSec goals Show more Show less