Consultant

Job Title: Security Logging Support Specialist

Security Logging Support Specialist

Security Logging Support Specialist

Key Responsibilities:

• Support the integration of new data sources from a variety of IT infrastructure devices (e.g., servers, firewalls, network devices, appliances).
• Ensure the proper configuration, troubleshooting, and maintenance of data onboarding processes. Address data collection issues and perform root-cause analysis for data discrepancies.
• Work closely with the infrastructure teams to onboard new data sources, ensuring they are properly integrated into Microsoft Sentinel.
• Provide operational support to ensure data is accurately ingested and monitored across multiple platforms.
• Assist in the development and automation of security workflows using Logic Apps.
• Collaborate with other teams to define data management processes, policies, and standards.
• Write and maintain light scripts to automate data onboarding/management tasks (e.g., Powershell, Python, Bash).
• Support and maintain data retention and archival processes to meet business and compliance needs.
• Document and report issues, resolutions, and improvements for internal knowledge sharing.
• Utilize Microsoft Azure services for security monitoring and automation.
• Develop and maintain KQL (Kusto Query Language) queries for data analysis and monitoring within Microsoft Sentinel.

Preferred Qualifications:

• 2-5 years of experience

  in an operational or support role focused on IT infrastructure or logging systems.
• Familiarity with security tools like

  Microsoft Sentinel

  and services that support data ingestion, including Logic Apps (data ingestion, monitoring, and configuration) and Azure Functions (Function Apps).
• Solid understanding of

  Microsoft Azure

  services and their application in security monitoring and automation.
• Experience with

  KQL

  (Kusto Query Language) for data analysis and monitoring.
• Solid understanding of

  Linux

  and

  Windows servers

  , with comfort navigating the Linux command line.
• Working knowledge support log management and monitoring supporting applications, such as

  RSyslog

  ,

  Cribl

  ,

  Graylog

  ,

  Syslog-ng

  or similar.
• Working knowledge of key IT concepts, including

  API

  ,

  CIDR

  notation/subnets,

  RDP

  and

  SSH, Security Protocols (SSL, TCP/IP, Proxy, IAM), Load Balancing and HA, Virtualization, Ansible, Git, SQL

• Light scripting knowledge in at least two of the following languages:

  Powershell

  ,

  Python

  ,

  Shell/Bash

  .
• Strong troubleshooting skills and ability to resolve issues efficiently.
• Ability to collaborate with cross-functional teams to develop and communicate technical details clearly.

Desired Skills:

• Strong problem-solving and analytical abilities.
• Knowledge of log aggregation, parsing, and searching techniques.
• Familiarity with log data normalization and correlation.
• Experience with automation and orchestration tools is a plus.