18 Kql Jobs

Job Title Cybersecurity Lead Incident Management Network Security Signature Writing Job Summary The Cybersecurity Lead will manage the Incident Management Network Security Signature Writing team This role involves overseeing incident response and signature development direct stakeholder management team management and project management The ideal candidate will have a strong background in cybersecurity incident response and network security with excellent communication and leadership skills Key Responsibilities Incident Monitoring and Response Monitor security alerts and incidents respond promptly and escalate as needed Threat Analysis and Detection Investigate security incidents develop detection rules and signatures Signature Development Create signatures for vulnerabilities and perform vulnerability hunting Tool Management Deploy configure and manage NDR tools Alert Tuning and Optimization Optimize alerts to reduce false positives Reporting and Documentation Document and report on security incidents Research and Development Stay updated with cybersecurity trends and improve detection capabilities Stakeholder Management Engage with stakeholders and manage escalated issues Team Management Lead and support the team Project Management Oversee projects related to incident response and signature development Preferred Skills Experience with Microsoft Defender or similar endpoint protection solutions Strong understanding of endpoint and network security threat detection and response Proficiency with SIEM platforms and scripting languages Knowledge of network protocols firewall rules and intrusion detection prevention systems Familiarity with advanced persistent threats threat hunting and incident response frameworks Understanding of IPSIDS signatures and Rapid7 recog signatures Good to have malware and threat analysis and CVE hunting This role operates within a 24x7x365 environment requiring flexibility for shifts holidays and on call responsibilities.

Investigate, hunt, and lead escalated incident response using advanced threat detection from SIEM, EDR, NDR platforms. Develop and manage custom detection use cases aligned to threat frameworks and customer environments. Key Responsibilities: Monitoring, Investigation & Triage Triage and correlate alerts from SIEM (QRadar/Sentinel), EDR, and NDR Identify lateral movement, C2 activity, and data exfiltration Lead incident investigations and initiate containment measures Threat Hunting & Detection Engineering Proactive hunting using logs, flow data, and behavior analytics Apply MITRE ATT&CK for hypothesis-driven hunts Develop, test, and optimize custom detection rules Maintain a backlog aligned with emerging threats Tool Proficienc y SIEM: Advanced KQL/AQL queries, rule tuning, alert optimization EDR: Defender for Endpoint binary/process analysis, endpoint containment NDR: Darktrace/LinkShadow behavioral baselining, detection logic SOAR: Sentinel Playbooks / Cortex XSOAR for automated workflows Cloud Security: Azure AD alerts, MCAS, Defender for Cloud, M365 Defender Threat Intelligence Integration IOC/TTP enrichment Threat intel feed integration Contextual alert correlation Reporting & RCA Draft technical incident reports and RCAs Executive-level summaries for major incidents Cloud Security (Optional): Investigate alerts like impossible travel, app consent abuse Respond to cloud-native security incidents using Defender for Cloud, MCAS Create advanced SOAR workflows and playbook Tool Familiarity QRadar Microsoft Sentinel Microsoft Defender for Endpoint LinkShadow or Darktrace EOP/Exchange protection Antivirus platforms Defender for Identity / Defender for Cloud Advanced SOAR workflows (Sentinel playbooks / Cortex XSOAR) Network forensic tools like Wireshark / Zeek Certifications (Preferred): GCIH / GCIA / CEH Microsoft SC-200 / SC-100 QRadar Admin or equivalent Shift Readiness: 24x7 rotational shifts, including on-call support for escalations and major incidents Soft Skills: Strong analytical and documentation skills Proactive communicator Independent problem-solver and critical thinker

Job Summary: We are looking for a skilled Microsoft Sentinel SIEM Engineer to join our Cybersecurity Operations team. The ideal candidate will be responsible for the deployment, configuration, integration, and operational support of Microsoft Sentinel as a core SIEM platform, ensuring efficient threat detection, incident response, and security monitoring. Key Responsibilities: Design, implement, and manage Microsoft Sentinel for enterprise security monitoring. Develop and maintain analytic rules (KQL-based) and detection use cases aligned with MITRE ATT&CK. Integrate various log sources (on-prem and cloud) including Microsoft 365, Azure, AWS, endpoints, firewalls, etc. Create and manage playbooks using Azure Logic Apps for automated incident response. Monitor data connectors and ensure log ingestion health and optimization. Conduct threat hunting and deep dive analysis using Kusto Query Language (KQL). Optimize performance, cost, and retention policies in Sentinel and Log Analytics workspace. Collaborate with SOC analysts, incident responders, and threat intelligence teams. Participate in use case development, testing, and fine-tuning of alert rules to reduce false positives. Support compliance and audit requirements by producing relevant reports and documentation. Required Skills & Qualifications: 3+ years of experience working with Microsoft Sentinel SIEM. Strong hands-on experience with KQL (Kusto Query Language) . Solid understanding of log ingestion from different sources including Azure, O365, Defender, firewalls, and servers. Experience with Azure Logic Apps for playbook creation and automation. Familiarity with incident response workflows and threat detection methodologies. Knowledge of security frameworks such as MITRE ATT&CK, NIST, or ISO 27001 . Microsoft certifications such as SC-200 (Microsoft Security Operations Analyst) or AZ-500 are preferred. Good to Have: Experience with Defender for Endpoint, Defender for Cloud, Microsoft Purview. Knowledge of other SIEM platforms (e.g., Splunk, QRadar) for hybrid environments. Scripting experience (PowerShell, Python) for automation and integration. Certifications (Preferred but not mandatory): SC-200 : Microsoft Security Operations Analyst AZ-500 : Microsoft Azure Security Technologies CEH , CompTIA Security+ , or equivalent

Job Summary We are looking for a highly skilled and self-motivated Senior Software Engineer with strong expertise in C#/.NET, Microservices architecture, and cloud platforms (Azure or AWS). The ideal candidate will also have working knowledge of Kusto Query Language (KQL) and Python. You will play a critical role in designing, developing, and deploying scalable applications and services, while also contributing to monitoring, data analytics, and automation efforts. Key Responsibilities Design, develop, test, and deploy scalable and resilient applications using C#/.NET and Microservices architecture . Work with cloud platforms ( Azure or AWS ) to build and maintain cloud-native applications. Leverage Kusto Query Language (KQL) for monitoring, telemetry, and log analytics using Azure Data Explorer or Application Insights. Use Python for scripting, automation, or building backend components where required. Implement DevOps practices and CI/CD pipelines for faster delivery and deployment. Collaborate with product managers, architects, and cross-functional teams to deliver high-quality software solutions. Participate in code reviews, troubleshooting, and performance optimization. Ensure code quality, scalability, security, and maintainability across all services. Required Skills & Qualifications 38 years of experience in software development using C#/.NET technologies. Strong experience in building and deploying Microservices-based applications . Experience working with Azure (preferred) or AWS cloud environments. Good knowledge of Kusto Query Language (KQL) for log querying and analytics. Proficiency in Python for automation, scripting, or data manipulation tasks. Hands-on experience with CI/CD pipelines , containerization (Docker), and version control (Git). Good understanding of RESTful APIs , system design, and distributed systems. Strong analytical and problem-solving skills.

Job Description We are seeking a skilled Azure Sentinel Logic App and Analytic Rules Engineer to join our cybersecurity team. The ideal candidate will be responsible for designing, implementing, and managing automated workflows using Azure Logic Apps and developing analytic rules within Azure Sentinel to enhance our security posture and incident response capabilities. Responsibilities Design and Develop Logic Apps: Create and manage Azure Logic Apps to automate responses to security incidents detected by Azure Sentinel. This includes configuring triggers, actions, and conditions based on specific security events. Implement Analytic Rules: Develop and optimize analytic rules in Azure Sentinel to detect potential threats and anomalies within the environment. This involves leveraging Kusto Query Language (KQL) to create effective queries that generate actionable alerts. Integrate Security Logs: Streamline the integration of security logs and data sources into Azure Sentinel using Logic Apps, ensuring that all relevant security data is captured and analyzed efficiently. Automate Incident Response: Build automated workflows that respond to alerts generated by Azure Sentinel, including actions such as sending notifications, creating tickets, or executing remediation scripts. Monitor and Optimize: Continuously monitor the performance of Logic Apps and analytic rules, making adjustments as necessary to improve detection rates and reduce false positives. Essential Skills Certifications in Azure, cybersecurity or related fields. Experience with additional security tools and technologies (e.g., firewalls, intrusion detection systems). This role is crucial for enhancing our security operations and ensuring a proactive approach to threat detection and response. If you are passionate about cybersecurity and have the required skills, we encourage you to apply. Proficiency in Kusto Query Language (KQL) for creating and optimizing analytic queries. Experience with Azure Logic Apps, including triggers, actions, and connectors. Familiarity with security frameworks and best practices, including incident response and threat hunting. 3+ years of experience in cybersecurity, with a focus on security operations, incident response, and SIEM platforms. 2+ years of hands-on experience with Azure Sentinel, including the development of analytic rules and Logic Apps. Additional Desired Skills Strong verbal and written English communication Strong interpersonal and presentation skills Ability to work with minimal levels of supervision Willingness to work in a job that involves 24/7 operations Education Requirements & Experience Bachelors in Computer Science/IT/Electronics Engineering, M.C.A. or equivalent University degree Minimum of 2-6 years of experience in the IT security industry, preferably working in a SOC environment Certifications: GCIH, CCNA, CCSP, CEH

Skills : Microsoft Sentinel (Not Azure Sentinel), KQL, Incident Response, MS Defender, Content Management, MITRE ATT&CK, MITRE DEFEND, Kusto Query Language, Threat Intelligence, Threat Hunting, Custom Workbooks, Microsoft cloud platform Azure Required Candidate profile Bengaluru,Pune,Mumbai,Hyderabad,Chennai,Gurugram,Noida

Job Summary: We are seeking a skilled and motivated Desktop Data and Automation Analyst to join our team. Reporting to the O365 Desktop Engineering Manager, you will be responsible for leveraging your expertise in KQL queries, PowerShell scripting, automation, and data analysis to drive insights and automation solutions within the desktop space. Your primary focus will be on optimizing desktop operations, enhancing security, and leveraging data-driven approaches to improve efficiency and user experience. Responsibilities: Utilize KQL queries to analyze desktop-related log data, including O365 and Intune logs, to identify patterns, trends, and anomalies, providing actionable insights for improved desktop management. Develop and maintain PowerShell scripts to automate desktop-related tasks and workflows, including provisioning, configuration, and troubleshooting, with a focus on enhancing efficiency and user productivity. Collaborate closely with the O365 Desktop Engineering Manager and cross-functional teams to identify automation opportunities and develop solutions to streamline desktop management processes. Leverage data analysis techniques to monitor and evaluate desktop performance, security compliance, and user behavior, providing recommendations for optimizations and proactive actions. Design and create reports, dashboards, and visualizations using Power BI or similar tools to effectively communicate desktop-related metrics, trends, and insights to stakeholders. Collaborate with the O365 and Intune teams to ensure desktop solutions align with overall infrastructure requirements, security standards, and compliance regulations. Stay up-to-date with industry trends, best practices, and emerging technologies in the desktop management space, identifying opportunities for improvement and innovation. Participate in desktop-related projects, providingexpertise and guidance on data analysis, automation, and optimization strategies. Work closely with desktop support teams to troubleshoot complex issues, identify root causes, and develop automated solutions to enhance the support and maintenance processes. Document processes, procedures, and best practices related to desktop data analysis and automation, ensuring knowledge transfer and efficient collaboration within the team. Qualifications: Bachelor's degree in computer science, information technology, or a related field. 8-10 years of relevant job experience Relevant certifications in data analysis, PowerShell scripting, or desktop management (such as Microsoft 365 Certified: Modern Desktop Administrator Associate) are a plus. Strong experience in utilizing KQL queries to analyze log data, particularly in the desktop management space, using tools like Azure Monitor or similar log analytics platforms. Proficiency in PowerShell scripting for desktop automation, including familiarity with Graph API and desktop management-related modules. Solid understanding of desktop management concepts and technologies, including O365, Intune, group policies, software deployment, and patch management. Experience with MDM and MAM concepts. Experience creating reports, dashboards, and visualizations using Power BI or similar business intelligence tools to effectively communicate data insights. Knowledge of desktop security principles, including compliance standards and best practices. Knowledge of Azure identity and security services Strong analytical and problem-solving skills, with the ability to analyze complex desktop-related data and derive meaningful insights. Excellent communication and collaboration skills, with the ability to work effectively with cross-functional teams and stakeholders. Proactive mindset with a strong sense of ownership and the ability to work independently to drive initiatives forward. Attention to detail and a commitment to delivering high-quality results within agreed timelines.

Hiring for Detection Engineer@ UV Cyber Solutions -- (Cyber Towers, Hyderabad Work from Office) Job Role : Detection Engineer-Work From Office Experience : 3 to 4 Yrs Notice Period : 0 to 15 days--Candidates must attend F2F interview in Hyderabad(Weekdays only) Key Skills : SIEM-Azure Sentinel, Writing KQL Queries, Creating Correlation Rules, Finetuning the alerts, Creating Logic and Policies in SIEM tool, Threat Intelligence Applicants must attend a F2F interview in Hyderabad after the 1st/2nd level interviews conducted virtually, only in weekdays. others do not apply. Should be willing to work in 24/7 shift Company: Cyber Towers, Quadrant 3, 3rd floor, Madhapur, Hyderabad -- 500081. Required Skills & Experience: Develop, test, and maintain detection rules and logic across SIEM, EDR, and other security platforms. Identify and implement detection use cases based on emerging threats and TTPs, leveraging the MITRE ATT&CK framework. Analyze security data to identify trends, anomalies, and potential threats. Collaborate with incident response teams to validate and refine detection mechanisms. Optimize detection rules to reduce false positives while ensuring accurate threat identification. Perform threat hunting and contribute to adversary emulation exercises. Integrate threat intelligence into detection workflows to stay ahead of emerging threats. Document and maintain playbooks, detection logic, and response procedures. Work closely with stakeholders to align detection strategies with business objectives.

Role & responsibilities Develop and implement custom analytics rules within Microsoft Sentinel to identify security threats and anomalies. Leverage KQL and other tools to create custom detection on Microsoft Defender XDR MDE & MDCA. Create advanced detection rules based on business requirements & SOC Use Cases. Work with SIEM and SOAR solutions at scale. Collaborate with other security teams to identify and prioritize security requirements and develop effective solutions. Update the code (KQL) on analytical rule for finetuning the false positive incidents. Stay up to date with the latest security threats and trends and apply this knowledge to improve our security posture. Perform content enrichment depending on feedback received from security analysts. Have a strong understanding of Cloud Security and Networking Concepts and practices. Helps to create reports that properly present the key risk and performance indicators. Communicating & reporting concise summaries of complex scenarios & information across diverse and senior stakeholder groups. Design, maintain Content Management standard operating procedures (SOP), processes and guidelines. Report preparation for leads and management review with data from dashboards & reports. Preferred candidate profile Strong understanding of JSON, Kusto Query Language (KQL) and PowerShell languages. Experience analyzing data from cybersecurity monitoring tools such as SIEM / SOAR platforms, host and network logs, firewall and IPS/IDS logs and email security gateway. Strong understanding of security operations concepts: perimeter defense, endpoint management, data leak prevention, kill chain analysis and security metrics. Knowledge of the common attack vectors on various layers. Knowledge and experience working with the Cyber Kill Chain Model, MITER ATT&CK Matrix. Experience with Security Operations Center, SIEM management & solutions ownership. Knowledge of various security methodologies and technical security solutions. Conduct an audit of the platform configuration to optimize it. Optimizing the way logs are processed and leveraged by SOC team members. Knowledge on schemas of Microsoft Defender XDR solutions (Microsoft Entra ID and ID protection, Microsoft Defender for Endpoint, Microsoft Defender for Cloud apps, Microsoft Purview Information Protection) and Microsoft 365. Knowledge of schemas with security events logs from Microsoft windows server. Experience of working within a regulatory/controlled environment. Understanding of Cyber Security Risk and mitigation strategies.

KEY RESPONSIBILITIES Monitor and investigate security alerts to identify unwanted activity and security incidents. Respond to suspicious activity reports or other security concerns raised by anyone in the company. Conduct forensic investigations of security incidents and prepare incident reports. Participate in 24x7 security monitoring process. Implement lessons learned from security incidents. Develop and improve security monitoring tools including SIEM and EDR. Preform ad hoc coding for threat hunting, evidence analysis, asset inventory collection and other purposes. Identify events that are relevant to security monitoring and prepare detailed technical solutions to collect, store and analyze those. Contribute to Security Operations processes improvement. Review Incident Response policies and procedures. Support ISO27001 and other technical compliance requirements within your areas of responsibility. Influence your colleagues to build and operate secure infrastructure correctly Requirements: Expert understanding of Threat Assessment, Proactive Threat Hunting with various Security tools. Expert in understanding of the full cyber threat/attack lifecycle, including attack vectors, methods, and TTPs. Confidence with working in Linux environments and knowledge of AWS, Azure AD and Microsoft 365[E3&E5]. Must have the ability to develop and write clear and concise emails, memos, and incident reports for company stakeholders and senior leadership. Strong organizational skills Must have the ability to work independently with minimal supervision and make sound decisions in high pressure environments. Aptitude for learning and applying new skills. Experience of 4 to 7 Years Preferred candidate profile Perks and benefits

Responsibilities • Provide second-level technical support for complex cloud service incidents, problems, and requests. Resolve escalated issues that require in-depth analysis and troubleshooting. • Diagnose and resolve intricate issues related to cloud infrastructure, services, and applications, ensuring minimal disruption to business operations. • Manage and optimize cloud resources, including virtual machines, storage, databases, and networking services. Implement best practices for performance and costefficiency. • Oversee the deployment and configuration of cloud services and solutions, including advanced features and integrations. • Work closely with Level 1 support engineers, guiding and mentoring them on complex issues. Collaborate with other technical teams, including development and operations, to ensure seamless service delivery. • Maintain detailed records of incidents, resolutions, and system configurations. Contribute to the knowledge base by creating and updating technical documentation and troubleshooting guides. • Identify recurring issues and work on permanent fixes or improvements. Participate in root cause analysis and provide recommendations to prevent future incidents. • Stay current with emerging cloud technologies and industry trends. Recommend and implement enhancements to improve support processes and service quality Essential Skills • In-depth knowledge of cloud computing platforms (e.g., AWS, Azure, Google Cloud) and services. • Advanced understanding of operating systems (e.g., Windows, Linux), networking, and cloud security practices. • Experience with cloud automation tools and scripting languages (e.g., Python, PowerShell) is a plus. • Familiarity with monitoring and management tools (e.g., CloudWatch, Azure Monitor) and ticketing systems • Relevant cloud certifications (e.g., AWS Certified Solutions Architect, Microsoft Certified: Azure Administrator Associate) are highly desirable. 3 CONFIDENTIAL | 202 SecurityHQ JD- : Analyst Contact Us hr-india@securityhq.com For more details visit www.securityhq.com Additional Desired Skills • Strong verbal and written English communication • Strong interpersonal and presentation skills • Ability to work with minimal levels of supervision • Willingness to work in a job that involves 24/7 operations Education Requirements & Experience • Bachelors in Computer Science/IT/Electronics Engineering, M.C.A. or equivalent University degree • Minimum of 3-6 years of experience in the IT security industry, preferably working in a SOC environment • Certifications: GCIH, CCNA, CCSP, CEH

Whats the role Step into an exhilarating role where you'll lead the charge in detecting latest cybersecurity threats and safeguarding Shell using cutting-edge technology! The role is part of the CISO (Cyber Information Security Office) in the Information and Digital Technology organization. The Threat Detection Engineering team supports Shells CyberDefence team by developing and implementing cyber threat detection capabilities. These capabilities identify adversary tactics, techniques, and procedures (TTPs), enabling swift action on Events of Interest. Input from various CyberDefence teams, including Threat, Detect, Incident, and the Red Team, informs the detection opportunities. Threat Detection Engineering helps to recognize malicious activities in the early stage of the kill chain, providing an opportunity to intervene before significant harm occurs. What youll be doing As the Threat Detection Engineer, you will develop correlation searches and reporting capabilities that result in actionable events of interest. The detection searches created in Splunk and Sentinel must be both performant and accurate and continuously updated to adapt to the ever-changing threat landscape. Accountabilities Deliver the Threat Detection Engineering Use Case backlog Use scripting/programming languages to test Use Cases and manage git repos Develop and implement Custom of use cases that are not yet covered by existing tools and solutions Translate IoC use case requests into optimized technical implementation and translate behavioral analytics use case requests into algorithms to be deployed in CyberDefence technologies Work with the wider CyberDefence organization in understanding requirements for detection capabilities and detection logic and able to work with the CyberDefence LT to prioritize work effort Be the quality gatekeeper for all new and existing detection use cases, with a focus on minimizing false positives and rework Support and develop other CyberDefence extended team members with experience and best practices in a continuous learning environment Support activities to embed automated use case testing and validation checks What you bring Minimum 8 years IT security experience and solid engineering background Experience with solution building by secure in design principles Proven experience in coding or scripting experience in languages Proven experience in Splunk Search Processing Language (SPL), some experience with Microsoft Sentinel Kusto Query Language (KQL) preferred SC-200 and or Splunk certifications preferred Experience developing Indicators of Compromise (IoC) in Security Information & Event Management (SIEM) platforms Experience using Git repositories and knowledge of CI/CD pipelines Good technical understanding of common IT services including Azure and AWS cloud, Unix/Linux and Windows servers and client machines, database technologies, firewalls and network devices, popular application suites, etc Develops and maintains knowledge of cyber security and maintains an awareness of current developments Has excellent written and verbal communication skills and provides well-informed advice to own and others outside the core team

Please find the Job Description for EDR : 1. -Good working knowledge of EDR solutions such as MDATP, FireEye, CrowdStrike Falcon, Carbon Black. 2. -Must be well-versed with Operating System concepts i.e. Windows/Linux/MacOS 3. -Ability to distinguish between False Positives and False Negatives detections with respect to logs available. 4. -Good Exposure to OSINT tools, sandboxing, encoding-decoding techniques for independent investigation. 5. -Must be able to Investigate and Triage EDR related alerts with an ability to share detailed investigation reports to clients within SLA. 6. -Knowledge of Cyber kill chain and MITRE ATT&CK techniques and tactics used by adversary to evade detection. 7. -Awareness of various stages of Incident Response which involves in-depth analysis and RCA submission on security incidents. 8. -Good understanding of Malware Analysis i.e. static and dynamic and its variants. 9. -Exposure to adversary simulation and red teaming tools such as Caldera, PowerShell Empire, Cactus Torch 10. -Understanding of Database language i.e. KQL is a Plus. 11. -Understanding of Network Security concepts and popular encryption standards. 12. -Excellent communication skills for cross-group and interpersonal skills with ability to articulate business need for detection improvements. 13. -Exposure to reverse engineering of malware samples is a plus. 14. -Certification in OSCP, OSCE, GREM, GCIH, GCFA will be highly preferred. ***Willing to work in rotational shift timings.// To be added if required.

Role & responsibilities We are seeking a skilled DOT .NET developer with strong C# programming experience and UI/UX design and development using AngularJS. .NET Developer with experience in Azure Data Lake, Azure Data Pipeline, and Kusto (KQL). The ideal candidate will have a strong foundation in .NET application development and hands-on experience with Azure data services. They should be able to design, develop, and maintain data-driven applications The ideal candidate will have extensive experience in C# programming, front-end development using AngularJS, and a solid understanding of user-centric design principles. You will play a key role in designing and developing robust, scalable applications with a focus on intuitive user interfaces, primarily for Microsoft-focused projects. Key Responsibilities Application Development : Design, develop, and maintain applications using C#, AngularJS, and other front-end technologies. UI/UX Collaboration : Collaborate with UI/UX designers to implement intuitive and visually appealing user interfaces. Ensure a seamless and responsive user experience. Full-Stack Development : Work across the full stack as required, integrating front-end interfaces with back-end systems. Code Quality : Write clean, maintainable, and testable code adhering to industry best practices. Agile Practices : Participate in agile ceremonies such as sprint planning, daily stand-ups, and retrospectives. Performance Optimization : Identify and resolve performance bottlenecks in both the UI and back-end layers. Testing : Develop and execute unit tests, integration tests, and UI/UX validation tests to ensure high-quality deliverables. Preferred candidate profile MUST HAVE Skills: Prior Microsoft experience is a huge plus. Strong C# development skills along with Front End UI dev experience and strong SQL skills (KQL) Experience with RESTful API development, Web API, and microservices architecture. Strong knowledge of ASP.NET and Entity Framework Experience designing and developing front end applications using AngularJS, and other front-end technologies. Azure Data Services: Hands-on experience with Azure Data Lake (ADLS) and Azure Data Factory. Knowledge of Azure Synapse Analytics and Azure Blob Storage is a plus. Experience building and managing scope pipelines in Azure Data Factory. Kusto (KQL): Proficiency in Kusto Query Language (KQL) to work with Azure Data Explorer and log analytics data. Ability to write complex queries, analyze large datasets, and provide insights based on the results. Agile Development : Proven experience in agile methodologies and DevOps practices. Soft Skills : Strong problem-solving skills and attention to detail. Excellent verbal and written communication skills. Team-oriented with a proactive and collaborative attitude Perks and benefits - Full time Employment - Medical - PF

SIEM Sentinel Engineer Should have strong knowledge in MS Sentinel SIEM engineering and administrative activities. People who are in operational profiles cannot apply for this position. Should have performed SIEM engineering role more than 4+ years. Problem solving & People management skill is required. Should have expertise in building custom analytical rules, tuning of analytical rules, building automation through Azure logic apps, management of entire product feature, end to end configuration. Should have expertise in forming KQL queries and functions for complex detection and monitoring requirements. Should have strong knowledge in MITRE attack framework and expertise in developing analytical rules and custom dashboards/workbooks across framework. Should have expertise in log management, retentions, maintenance of logs at low cost, performing access management, developing new custom dashboard based on different requirements. Should have proven record of implementing Sentinel advanced features, efficient log collection mechanisms, deployment and maintenance of log forwarders, maintenance of local agents. Should have expertise in integrating data sources which are not supported by Sentinel tool OOB. Custom parser development and ability to solve technical issues in Sentinel are must have requirements. Should have ability to prepare and maintain policy and procedure documentations around SIEM technology, document life cycle management skill is required. Should have expertise in consuming contents from content hub and management of log analytics workspace and ability to handle issues in MMA and AMA agents. Should have proven record of participation in customer or client reviews or global certifications regarding security controls in SIEM. Compliance and regulatory requirements understandings are good to have. Preference will be given for candidates completed Sentinel Ninja Level 400 Training and Certification. Good to have strong knowledge in Microsoft Sentinel pricing, Microsoft defender products, Microsoft Cloud services and Azure Arc. Should have ability to work with stakeholders to solve technical issues and also to support and deliver complex business, security and operational requirements. Should have ability to work with vendor technical support group and driving issues towards effective and permanent closure. Having knowledge and hands-on experience in Microsoft Defender XDR stack will be an added advantage. Qualification SIEM Sentinel Engineer Should have strong knowledge in MS Sentinel SIEM engineering and administrative activities. People who are in operational profiles cannot apply for this position. Should have performed SIEM engineering role more than 4+ years. Problem solving & People management skill is required. Should have expertise in building custom analytical rules, tuning of analytical rules, building automation through Azure logic apps, management of entire product feature, end to end configuration. Should have expertise in forming KQL queries and functions for complex detection and monitoring requirements. Should have strong knowledge in MITRE attack framework and expertise in developing analytical rules and custom dashboards/workbooks across framework. Should have expertise in log management, retentions, maintenance of logs at low cost, performing access management, developing new custom dashboard based on different requirements. Should have proven record of implementing Sentinel advanced features, efficient log collection mechanisms, deployment and maintenance of log forwarders, maintenance of local agents. Should have expertise in integrating data sources which are not supported by Sentinel tool OOB. Custom parser development and ability to solve technical issues in Sentinel are must have requirements. Should have ability to prepare and maintain policy and procedure documentations around SIEM technology, document life cycle management skill is required. Should have expertise in consuming contents from content hub and management of log analytics workspace and ability to handle issues in MMA and AMA agents. Should have proven record of participation in customer or client reviews or global certifications regarding security controls in SIEM. Compliance and regulatory requirements understandings are good to have. Preference will be given for candidates completed Sentinel Ninja Level 400 Training and Certification. Good to have strong knowledge in Microsoft Sentinel pricing, Microsoft defender products, Microsoft Cloud services and Azure Arc. Should have ability to work with stakeholders to solve technical issues and also to support and deliver complex business, security and operational requirements. Should have ability to work with vendor technical support group and driving issues towards effective and permanent closure. Having knowledge and hands-on experience in Microsoft Defender XDR stack will be an added advantage.

The role would be an individual contributor in Global Cyber Assurance and Compliance team. The individual will address issues highlighted by operations team and work as a first responder to address concerns and working closely platform teams, SOC team. Mandatory Skills PythonKQL Microsoft Defender EDR tool Secondary Skills ServiceNow platform vulnerability scanning tools Rapid7-Nexpose / InsightVM etc.

Job Summary: We are seeking a skilled and motivated Desktop Data and Automation Analyst to join our team. Reporting to the O365 Desktop Engineering Manager, you will be responsible for leveraging your expertise in KQL queries, PowerShell scripting, automation, and data analysis to drive insights and automation solutions within the desktop space. Your primary focus will be on optimizing desktop operations, enhancing security, and leveraging data-driven approaches to improve efficiency and user experience. Responsibilities: Utilize KQL queries to analyze desktop-related log data, including O365 and Intune logs, to identify patterns, trends, and anomalies, providing actionable insights for improved desktop management. Develop and maintain PowerShell scripts to automate desktop-related tasks and workflows, including provisioning, configuration, and troubleshooting, with a focus on enhancing efficiency and user productivity. Collaborate closely with the O365 Desktop Engineering Manager and cross-functional teams to identify automation opportunities and develop solutions to streamline desktop management processes. Leverage data analysis techniques to monitor and evaluate desktop performance, security compliance, and user behavior, providing recommendations for optimizations and proactive actions. Design and create reports, dashboards, and visualizations using Power BI or similar tools to effectively communicate desktop-related metrics, trends, and insights to stakeholders. Collaborate with the O365 and Intune teams to ensure desktop solutions align with overall infrastructure requirements, security standards, and compliance regulations. Stay up-to-date with industry trends, best practices, and emerging technologies in the desktop management space, identifying opportunities for improvement and innovation. Participate in desktop-related projects, providingexpertise and guidance on data analysis, automation, and optimization strategies. Work closely with desktop support teams to troubleshoot complex issues, identify root causes, and develop automated solutions to enhance the support and maintenance processes. Document processes, procedures, and best practices related to desktop data analysis and automation, ensuring knowledge transfer and efficient collaboration within the team. Qualifications: Bachelor's degree in computer science, information technology, or a related field. 8-10 years of relevant job experience Relevant certifications in data analysis, PowerShell scripting, or desktop management (such as Microsoft 365 Certified: Modern Desktop Administrator Associate) are a plus. Strong experience in utilizing KQL queries to analyze log data, particularly in the desktop management space, using tools like Azure Monitor or similar log analytics platforms. Proficiency in PowerShell scripting for desktop automation, including familiarity with Graph API and desktop management-related modules. Solid understanding of desktop management concepts and technologies, including O365, Intune, group policies, software deployment, and patch management. Experience with MDM and MAM concepts. Experience creating reports, dashboards, and visualizations using Power BI or similar business intelligence tools to effectively communicate data insights. Knowledge of desktop security principles, including compliance standards and best practices. Knowledge of Azure identity and security services Strong analytical and problem-solving skills, with the ability to analyze complex desktop-related data and derive meaningful insights. Excellent communication and collaboration skills, with the ability to work effectively with cross-functional teams and stakeholders. Proactive mindset with a strong sense of ownership and the ability to work independently to drive initiatives forward. Attention to detail and a commitment to delivering high-quality results within agreed timelines.

#Hiring for below position #Immediate joiner or 15 days Job Title: Senior .Net Developer Experience: 5 - 9 years Job Location: Pan India (Hybrid) Key Requirements: Proficiency in writing production code with an industry standard programming language using Agile methodologies. Proficiency practicing Infrastructure as Code and Configuration as Code techniques Proficiency managing multiple code bases in Git Proficiency creating Continuous Integration builds and deployment automation, for example CI/CD Pipelines Proficiency building Cloud Native applications in a major public cloud Proficiency implementing observability, application monitoring, and log aggregation solutions Proficiency working with cross functional teams to provide DevOps inspired solutions Delivery Insights Team Specific Skills Experience in building customer facing data insights and reporting that span across the enterprise. Proficiency with Grafana Cloud stack. Comfortable configuring various Grafana cloud components, including data sources, permissions, and expanded feature set. Proficiency with Kusto Query Language (KQL). Building and using complex queries to include various merge, join, and sort operations. Will accept equivalent SQL syntax knowledge for certain applicants. Experience in Azure Function Apps. Building, supporting, and operating a modern .net code base across the entire development life cycle. Experience in Azure SQL or Postgres database systems Experience in various components of Azure Devops Webhook configuration and creation Rest API knowledge and ability to interpret reporting needs directly to data availability Comfort with how teams use Azure DevOps to complete the SDLC process, including work item management, repositories, pipelines, and access control. If you are interested, please share your updated CV on this email ID aashifjabarulla@tsit.co.in OR kousalya.v@tsit.co.in +91 9047052352