121 Microsoft Sentinel Jobs - Page 3

As a Data Security Specialist, you will play a vital role in developing, implementing, and optimizing Insider Risk Management (IRM) and Data Loss Prevention (DLP) strategies and policies for our clients. Your responsibilities will involve collaborating with various teams to safeguard client environments, maintain security posture, and ensure compliance with data protection regulations. Your expertise will be instrumental in mitigating data security risks and upholding the highest standards of data governance. - Collaborate on implementing and managing Data Security solutions and technologies like Microsoft Purview Insider Risk Management, Microsoft Purview Data Loss Prevention, and Microsoft...

Role Overview: As a Senior Threat Researcher in the Defender Experts (DEX) Research team at Microsoft Security, you will play a crucial role in advancing cloud security and protecting customers from advanced cyberattacks. You will collaborate with a team of experts to develop strategies and models that enhance threat detection and response capabilities within Microsoft Sentinel, contributing to real-time protections for enterprises worldwide. Key Responsibilities: - Lead and execute advanced research on emerging cloud-based threats affecting Microsoft and third-party security products in diverse cloud environments. - Develop and refine detection and response strategies using major SIEM platf...

Level: L2 Designing playbooks using Azure Logic Apps to automate triage, enrichment, and remediation Integrating with third-party systems like ServiceNow, Jira, Teams, and Slack Creating both manual and automated triggers for alerts and incidents. Managing automation rules to orchestrate multi-step responses across analytics rules Participate in transformation workshops and SLA discussions to refine KPIs and metrics Contribute to continuous improvement through feedback loops and performance reviews Power BI developers are responsible for designing and maintaining real-time, interactive dashboards that provide visibility into SOC operations. Key tasks include: Building and enhancing dashboard...

Level: L2 Designing playbooks using Azure Logic Apps to automate triage, enrichment, and remediation Integrating with third-party systems like ServiceNow, Jira, Teams, and Slack Creating both manual and automated triggers for alerts and incidents. Managing automation rules to orchestrate multi-step responses across analytics rules Participate in transformation workshops and SLA discussions to refine KPIs and metrics Contribute to continuous improvement through feedback loops and performance reviews Power BI developers are responsible for designing and maintaining real-time, interactive dashboards that provide visibility into SOC operations. Key tasks include: Building and enhancing dashboard...

Level: L2 Designing playbooks using Azure Logic Apps to automate triage, enrichment, and remediation Integrating with third-party systems like ServiceNow, Jira, Teams, and Slack Creating both manual and automated triggers for alerts and incidents. Managing automation rules to orchestrate multi-step responses across analytics rules Participate in transformation workshops and SLA discussions to refine KPIs and metrics Contribute to continuous improvement through feedback loops and performance reviews Power BI developers are responsible for designing and maintaining real-time, interactive dashboards that provide visibility into SOC operations. Key tasks include: Building and enhancing dashboard...

Level: L2 Designing playbooks using Azure Logic Apps to automate triage, enrichment, and remediation Integrating with third-party systems like ServiceNow, Jira, Teams, and Slack Creating both manual and automated triggers for alerts and incidents. Managing automation rules to orchestrate multi-step responses across analytics rules Participate in transformation workshops and SLA discussions to refine KPIs and metrics Contribute to continuous improvement through feedback loops and performance reviews Power BI developers are responsible for designing and maintaining real-time, interactive dashboards that provide visibility into SOC operations. Key tasks include: Building and enhancing dashboard...

Level: L2 Designing playbooks using Azure Logic Apps to automate triage, enrichment, and remediation Integrating with third-party systems like ServiceNow, Jira, Teams, and Slack Creating both manual and automated triggers for alerts and incidents. Managing automation rules to orchestrate multi-step responses across analytics rules Participate in transformation workshops and SLA discussions to refine KPIs and metrics Contribute to continuous improvement through feedback loops and performance reviews Power BI developers are responsible for designing and maintaining real-time, interactive dashboards that provide visibility into SOC operations. Key tasks include: Building and enhancing dashboard...

8–10 yrs in cybersecurity with SOC (L2/L3) experience, incident response, threat hunting, log analysis & SIEM tools (Sentinel, Splunk, Securonix). Must hold active CISSP, CISM or CEH certifications along with ISO 27001 & NIST framework knowledge

Job Discribtion: Global Security Operation Center (GSOC) KPMGs Global Security Operations Centre (GSOC) is internal SOC team supporting KPMG member firms to detect and respond to cyber-attacks to KPMG across locations. GSOC Operation – Monitoring & Alerting (M&A) GSOC – Engineering Services (ES) – SIEM technology management including onboarding /off-boarding /content update. Role & REsPonsibilty – Analyst (Monitoring & Alerting) Actively monitoring, analysing & escalating SIEM alerts based on correlation rules, Email protection alerts & malware analysis, Provide inputs for proactive content fine tuning & use case enablement, Active threat hunting on network flow, user behaviour & threat inte...

Role Overview: You will be joining the Defender Experts (DEX) Research team within Microsoft Security, whose mission is to protect customers from advanced cyberattacks by transforming raw signals into intelligence. As a Threat Researcher, you will collaborate with researchers, analysts, and detection engineers to advance managed Sentinel expertise and drive research on emerging cloud threats impacting both Microsoft and third-party products. Your work will directly contribute to developing real-time protections for enterprises worldwide and enhancing threat detection and response capabilities within Microsoft Sentinel. This role offers a unique opportunity to work at scale, tackle complex cl...

Role Overview: As a Cloud Security Specialist, your role involves designing and implementing cloud security solutions using tools such as Microsoft Sentinel. You will lead the development of security strategies, policies, and procedures to safeguard client data in the cloud. Collaborating with DevOps teams, you will integrate security into the continuous delivery pipeline using automation tools like Terraform and AKS. Additionally, you will be responsible for conducting risk assessments, threat modeling, and security testing to identify and address vulnerabilities, while providing expertise on cloud security best practices to clients and team members. Key Responsibilities: - Stay updated wit...

Role Overview The Senior Security Engineer is a hands-on technical leader focused on designing, implementing, and operating enterprise-grade security solutions, with strong expertise in the Microsoft security ecosystem (Defender Suite, Sentinel, Purview, Entra ID). While cloud skills (Azure, Microsoft 365, VMware, hybrid) are valuable, they serve to enable secure architectures and operations . This role spans project delivery and managed services , helping customers uplift SOC maturity, strengthen compliance, and build resilient security operations. You will also act as a trusted escalation point, mentor junior engineers, and shape Oretas security practice. Key Responsibilities Security Engi...

Role Overview The Senior Security Engineer is a hands-on technical leader focused on designing, implementing, and operating enterprise-grade security solutions, with strong expertise in the Microsoft security ecosystem (Defender Suite, Sentinel, Purview, Entra ID). While cloud skills (Azure, Microsoft 365, VMware, hybrid) are valuable, they serve to enable secure architectures and operations . This role spans project delivery and managed services , helping customers uplift SOC maturity, strengthen compliance, and build resilient security operations. You will also act as a trusted escalation point, mentor junior engineers, and shape Oretas security practice. Key Responsibilities Security Engi...

Role & responsibilities About the Role: The Senior Cybersecurity SOC Engineer role is a key position within CA One Tech Cloud Clients . This role involves designing scalable applications and ensuring the delivery of high-quality projects. Key Responsibilities: Design and build SOC infrastructure using Microsoft Sentinel and SOAR Lead deep investigations using CrowdStrike Falcon, MDE, Tenable, and Palo Alto/Fortinet firewalls Perform threat hunting using MITRE ATT&CK framework and dark web intelligence Develop KQL queries and automation scripts in PowerShell/Python Integrate and respond to incidents across Azure and Microsoft 365 environments Collaborate with MSOC and global teams for escalat...

Microsoft Security Architect -JD Location: Bangalore Department: Security Practice Reporting To: Head of Security Practice Job Summary We are seeking a Microsoft Security Architect to lead the design and governance of enterprise security solutions based on Microsofts security technologies. The role will involve defining architecture standards, solution blueprints, and working closely with both pre-sales and delivery teams to ensure secure and scalable implementations of Microsoft Sentinel, Defender, Entra, Intune, Purview, and Priva. The ideal candidate will have a strong technical background, excellent customer engagement experience, and a strategic mindset to drive cybersecurity transforma...

As a Cloud Security Analyst & Incident Response Specialist, you will be responsible for monitoring and investigating high-risk alerts from Wiz across AWS, Azure, and GCP environments. Your role will involve analyzing attack paths, exposed services, and identity risks using Wiz Security Graph. You will collaborate with DevSecOps and Cloud Platform teams to triage and contain incidents, correlating Wiz alerts with signals from SIEM, endpoint, and identity tools to understand the full attack context. Supporting incident response efforts by conducting root cause analysis and post-incident reviews will also be part of your responsibilities. Your critical skills should include a degree in Cybersec...

You are invited to join our Information Security team as an Enterprise IT Security Analyst specializing in Security Operations Center (SOC) activities. In this role, you will play a crucial part in maintaining the security and effectiveness of our security operations by monitoring security alerts, analyzing incidents, and contributing to incident response processes. Your expertise in SOC operations, incident response, and security monitoring tools will be invaluable in supporting SOC initiatives. Your key responsibilities will include monitoring security alerts and events using tools such as Splunk, Microsoft Sentinel, Kusto (KQL), or Splunk Search Processing Language (SPL). You will be task...

The ideal candidate for the position should have expertise in Microsoft Sentinel (Not Azure Sentinel) along with strong skills in KQL, Incident Response, MS Defender, Content Management, MITRE ATT&CK, MITRE DEFEND, and Kusto Query Language. Additionally, experience in Threat Intelligence, Threat Hunting, Custom Workbooks, and familiarity with the Microsoft cloud platform Azure is required. The candidate should have a notice period of 0-30 days and hold a graduate degree. The job location options include Bangalore, Pune, Mumbai, Hyderabad, Chennai, Gurgaon, and Noida. For further details and application submission, please reach out to career@krazymantra.com.,

This job is with Kyndryl, an inclusive employer and a member of myGwork the largest global platform for the LGBTQ+ business community. Please do not contact the recruiter directly. Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl We are always moving forward - always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Are you ready to take on an exhilarating role as a Program Manager at Kyndryl Prepare to embark on a journey where you will be at the helm of delivering value-add tra...

The role of SOC Automation requires a minimum of 4 years of experience in managing and operating Microsoft Sentinel. Your responsibilities will include onboarding and troubleshooting log sources on premises and cloud to the Sentinel platform using syslog APIs and other mechanisms, ensuring data integrity, reliability, and proper formatting. Additionally, you will need hands-on experience with log collection, parsing, and analysis from various sources such as firewalls, endpoints, and cloud environments. A strong defensive mindset with an understanding of security events of interest for building detection rules is essential, along with proficiency in query languages like KQL. Advanced threat ...

As an L1 SOC Analyst with 3 to 5 years of experience, you will be responsible for expertise in Triage, Threat Detection and Response, Threat Hunting, and SOC Assessment. Your role will involve utilizing your in-depth knowledge of Sentinel and Crowdstrike, along with security event collection, monitoring, analysis, issue investigation, and incident response leveraging automated SOAR tools. Your primary duties will include real-time monitoring, data enrichment, event correlation, OS/application event analysis, and IOC based threat hunting. Additionally, you will be tasked with email analysis, investigation, and phishing detection. You will play a key role in incident workflow management, issue...

ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it, we transform ideas into impact by bringing together data, science, technology and human ingenuity to deliver better outcomes for all. Here you'll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client-first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their busines...

Join our dynamic team as a Cyber Security Analyst where you will play a crucial role in safeguarding our digital assets. With a focus on Security Operations Center (SOC), you will monitor and respond to security incidents, ensuring the integrity and confidentiality of our systems. This hybrid role offers the opportunity to work both remotely and on-site with occasional travel required. Your responsibilities will include monitoring security alerts and incidents using SOC tools, analyzing security incidents to determine root causes, collaborating with IT teams to develop and implement security measures, conducting regular security assessments, providing expert guidance on security best practic...

You should have at least 6-10 years of experience, with a minimum of 5+ years specifically in Microsoft DLP (Microsoft Defender/MS Purview & Compliance) and Microsoft Sentinel, or equivalent tools for data leakage prevention. Your role will involve evaluating data loss products, building and implementing them, integrating with existing systems, and providing technical support and stakeholder management. Your responsibilities will include hands-on experience in rule creation and maintenance, antispam and anti-phishing administration, report analysis, and making recommendations for future configurations and rules. Knowledge or exposure to Data Loss Prevention integration with SIEM technologies...

As an Endpoint DLP Specialist, your main responsibilities will include implementing Endpoint DLP Solutions by deploying and configuring Microsoft Endpoint DLP solutions using Microsoft Purview. You will be tasked with ensuring seamless integration with existing systems. Additionally, you will be responsible for developing, implementing, and managing DLP policies tailored to endpoint devices using Microsoft Purview to ensure data protection and compliance. Generating detailed reports on DLP incidents, trends, and system performance using Microsoft Purview for management review will also be part of your role. Troubleshooting endpoint DLP systems within Microsoft Purview to ensure optimal perfo...