6 Ms Sentinel Jobs

10+ yrs Exp in cybersecurity Multi-tenant MSSP SOC Analytics rules KQL Playbooks Logic Apps Workbooks Connectors Incident response Detection use cases-MITRE ATT&CK Defender XDR stack PowerShell ISO 27001 SOC 2 /PCI DSS CISSP CISM GIAC (GCIA, GCIH)

Greetings from Datamark !!! Position: Information Security Analyst Experience: 5+years Position Overview: The Information Security Analyst is responsible for the administration of the organization&aposs information and data security policies and practices of the overall internal security audit program to ensure that the Company is protected in terms of security, compliance and confidentiality. Primary Responsibilities: Coordinates and assists with security activities for the enterprise Operate, maintain, and validate vulnerability scanning of Infrastructure, Applications, and APIs Information Security Analyst must Review daily threat intelligence. Ensures compliance to security standards for assigned sites Schedules and administers internal security audits for Client and Physical Site Audits Information Security Analyst should Follows up on remediation plans Support the management and maintenance of security tools with an emphasis on Security Information and Event Monitoring (SIEM) tools. Assist with the review of technical deployments for risk prior to deployment across the campus. Information Security Analyst must Recommends risk mitigation solutions based on audit findings Maintains Security and Compliance Metrics monthly Assists in the development and delivery of IT risk and security awareness and compliance training programs Willingness to travel to DATAMARK global sites as necessary Other duties as assigned Minimum Qualifications: Education Requirements: Bachelor&aposs degree in Computer Science or related field, experience in lieu of degree can be considered Field Experience: At least four years of experience in Information Security Position Experience: At least four years of experience in an Information Security Analyst position, or similar position Demonstrated experience with traditional vulnerability analysis: identify, categorize, prioritize, track, and validate remediation of known vulnerabilities by accountable IT teams Other Qualifications: Certification in IT Security required Knowledge in Information Security policies and practices Knowledge of third-party auditing and risk assessment methodologies Experience in an IT Security related environment preferred Required Skills: Extremely organized and detail oriented. Capable of holding team members accountable to timely delivery of audit evidences. Practices and methods of IT strategy, enterprise architecture and security architecture Excellent analytical and problem-solving abilities to identify and remediate security risks Team-work mentality to develop security solutions in collaboration with other IT professionals Requirements Nessus / Tenable.IO Scanning and must check for Vulnerability to come up with incidence report Must have knowledge Vulnerability Patching EndPoint Detection and Response / EDR Experience in any Antivirus solution is good SIEM Tools - SolarWinds (Log Event Manager) is preferred, MS Sentinel Must have a strong tab on meta data and email Data Loss Prevention / DLP Must have Knowledge in network security and Vulnerability Management Scanning, Vulnerability and Infosec Audit are the key aspects Compliance Auditing or any other Information Security related Auditing experience can also be considered Other Qualifications Knowledge in Information Security policies and practices Knowledge of third-party auditing and risk assessment methodologies Preferred Certifications Experience in an IT Security related environment preferred Sec+ / CISA / CISM / A+ Cyber Show more Show less

Network Access Control Product Engineer EY Technology: Technology has always been at the heart of what we do and deliver at EY. We need technology to keep an organization the size of ours working efficiently. We have 350,000 people in more than 140 countries, all of whom rely on secure technology to be able to do their job every single day.Everything from the laptops we use, to the ability to work remotely on our mobile devices and connecting our people and our clients, to enabling hundreds of internal tools and external solutions delivered to our clients.Technology solutions are integrated in the client services we deliver and is key to us being more innovative as an organization. EY Technology supports our technology needs through three business units: Client Technology (CT) - focuses on developing new technology services for our clients. It enables EY toidentify new technology-based opportunities faster and pursue those opportunities more rapidly. Enterprise Technology (ET) ETsupports our Core Business Services functions and will deliver fit-for-purpose technology infrastructure at the cheapest possible cost for quality services. ET will also support our internal technology needs by focusing on a better user experience. Information Security (Info Sec) - Info Sec prevents, detects, responds and mitigates cyber-risk, protecting EY and client data, and our information management systems. The opportunity This exciting role is inside the Network Access Control Product team, part of the ESPM, Network Product team in Enterprise Technology. In the role of a Network Access Control Product Engineer, you'll be responsible for the design, engineering, documentation and release of Network Access Control Products and technology components across all instances and use cases in EY.This will include ensuring key technologies and controls associated with Network Access Control across all aspects of the EY environment are suitably designed and modified to enable the production release of Network Access Control Product initiatives. Additionally, you will provide consulting services to other teams, as well as acting as a level four escalation for the Operations teams for complex issues. Your key responsibilities Your role is essential to the success of the team's products, you will be providing consultative engagement in the most complex problem management activities, thus helping to drive client satisfaction, demonstrated using various KPIs and metrics. You'll be responsible for Solution Design and Engineering, Solution Certification, Documentation and Operational Escalation support. In the Solution Design aspect, you will create designs based on industry best practices, solid engineering principles while clearly ensuring fit for purpose localization. As part of solution certification, you will ensure appropriate software versions have been selected, reviewed and appropriately tested.Deployment instructions and standards are created allowing the technology estate to be updated by deploying certified code and configurations globally. In the Service Documentation aspect, you will develop and maintain documentation for configuration guidelines and templates.Document new services as built for handover to the Operations team. You will engage with Level 3 support teams ensuring they have the necessary training and knowledge base articles to be successful.This will include the creation and periodic review, and maintenance of Knowledgebase articles as required. Skills and attributes for success Create designs based on industry best practices, sound solid engineering principles incorporating both local and global requirements while clearly understanding that one size does not fit all Advanced skills in planning, designing and troubleshooting complex environments including delivering projects within scope and budget Able to make technical decisions in support of Architecture, Strategy, Service Management and Operations functions within the project and escalated troubleshooting contexts Demonstrated experience in dealing with external vendors and suppliers in the network industry Excellent knowledge of network access control technologies, environments, management and monitoring tools associated with EY security systems To qualify for the role, you must have Expert level knowledge and experience with Cisco ISE including database management. 802.1x authentication, the interaction with external authentication mechanisms such as PKI or MFA In depth understanding of enterprise office network environments, including IoT. Knowledge of Windows and Macintosh Operating systems specifically around network access control Maintains awareness of related new and emerging technologies. Reporting and data mining capability, Splunk and MS Sentinel preferred. You must be a Self-starter who can operate without direct supervision on multiple complex projects and tasks in parallel Present complex and difficult messages skilfully, using a variety of media and methods. Produce writing that contains clear, precise descriptive language. Experience with infrastructure implementation/management, service/operations management, etc. Ideally, you'll also have Bachelor's degree in a technical discipline such as Engineering or Computer Science or a related discipline, plus an industry accreditation or equivalent work experience Demonstrable experience in various aspects of Security technology infrastructure design and implementation. Security related Professional qualifications Service management qualifications [ITIL Foundation]

Innovation is and will always be the core of SAP Fioneer, and it is the promise of why we were spun out of SAP: agility, innovation, and delivery. SAP Fioneer builds on a heritage of outstanding technology and a deep understanding of corporate and consumer demands. At the heart of it all it is simple: We bring financial services to the next level with innovative software solutions and platforms. We are helping companies in the financial services industry to achieve speed, scalability, and cost-efficiency through digital business innovation, cloud technology, and solutions that cover banking and insurance processes end-to-end. A global company, with rapid growth, innovative people, and a lean organization makes SAP Fioneer a place where you accelerate your future! About role: We are committed to safeguarding our digital assets and ensuring the highest level of security for our clients. As we continue to grow, we are seeking an experienced Senior Cyber Security Engineer to join our dynamic team. The ideal candidate will bring extensive expertise in managing and securing complex environments, with a focus on O365 Security Tools, zScaler, MS Sentinel, SIEM, and Azure Security. This role requires a comprehensive skill set in incident response, vulnerability management, data protection, and cloud security, enabling us to securely empower our development and product teams. The successful candidate will have a proven track record in implementing and overseeing security solutions that protect organizational assets and improve security posture. Responsibilities: Security Infrastructure: - Design, implement, and manage security solutions leveraging O365 Security Tools, zScaler, MS Sentinel, and SIEM in support of the Security Architecture of Fioneer. - Develop and maintain comprehensive security strategies for cloud and on-premises environments. Data Protection and Leakage Prevention: - Establish the DLP and DRM program at Fioneer beyond just the deployment of the technology, but also drive data protection processes into the business and the organization. - Implement and manage data protection and leakage prevention controls. - Develop and enforce policies to safeguard sensitive information and prevent data breaches. Insider Risk Management: - Implement and manage insider risk management programs. - Monitor and analyze user activities to identify and mitigate insider threats. Security Frameworks: - Ensure compliance with security frameworks such as SOC2 and ISO27001. - Contribute to the continuous improvement of security policies and procedures. Azure Security: - Provide expertise in Azure Security, including Infrastructure as Code (IaC), Privileged Identity Management (PIM), Identity and Access Management (IAM), and Kubernetes security. - Collaborate with cloud teams to ensure secure cloud environments. Qualifications: - Bachelor's degree in Computer Science, Information Security, or a related field. - Proven experience as a Cyber Security Engineer with expertise in O365 Security Tools, zScaler, MS Sentinel, SIEM, incident response, vulnerability management, and data protection. - Proven experience in creating business user focused communication guides to implement Data Protection Technologies. - In-depth knowledge of security frameworks, particularly SOC2 and ISO27001. - Extensive experience in Azure Security, including Infrastructure as Code, PIM, IAM, and Kubernetes security. - Certifications such as CISSP, CISM, or relevant Azure certifications are highly desirable. Requirements: - Minimum of 5 years of experience in security engineering or operations in an enterprise environment. - First-hand experience with programming languages required, development experience in any cloud environment is a plus. - Excellent communication and people-focused skills. - Eager to learn and improve your cloud application security skills. - Ideally, initial professional experience of DevSecOps in the cloud, secure cloud configuration, secure cloud operations, vulnerability management. - Fluent in English and open to other cultures and ideas. - A sense of humor. Benefits: You will have the opportunity to collaborate with some of the brightest minds in the industry on an incredibly ambitious project to shape the ever-evolving financial sector. This is an environment where you can have it all - the agility, enthusiasm and dynamism of a start-up, combined with the established expertise, solid market presence, and extensive customer network of a more established organization. At SAP Fioneer, you will benefit from a flexible work environment that encourages creativity and encourages you to think outside the box, bring new ideas to the table, and challenge the status quo. You will become part of a diverse and global team that we are proud of and are constantly growing and reinventing. As an employee, you will have the chance to chart your own career path and take advantage of competitive compensation packages and progression opportunities based on merit. We offer a comprehensive benefits package that includes occupational pension provisions, support for health and wellbeing, various mobility options like bike leasing and transportation allowances, as well as additional perks such as celebration rewards, meal programs, jubilee recognition, and relocation reimbursement.,

Overview: The Information Security Specialist ensures the seamless functioning of security operations by emphasizing proactive incident management. This role requires a mix of technical expertise, analytical thinking, and a proactive approach to improve operational efficiency. Key Responsibilities: Incident Identification and Escalation: Detect and log incidents with detailed and timely documentation. Analyze, assign, and escalate high-complexity tickets as needed. Problem Resolution: Investigate third-line support calls and determine root causes. Escalate unresolved issues to third-party vendors when necessary. Vulnerability Analysis and Risk Assessment Perform vulnerability analysis and asses the vulnerability risk by analyzing existing security controls Stakeholder Reporting: Prepare and deliver regular updates on security activities and incident reports to senior stakeholders. Collaboration: Partner with IT and security teams to create a cohesive security strategy. Ticket Queue Management: Monitor and action ticket queue, rapidly resolve technology incident issues for internal users. Security Platform Maintenance: Maintain/monitor security platforms and services, resolve issues and support SOC/IR (Incident Response) as needed. Provide analysis, review, and reporting of the operating state for security platforms, make recommendations for any environmental changes to reduce incident volumes and downtime. Maintain, test, and implement security policies and procedures to ensure compliance with company policy, industry standards, and regulatory requirements. Rapidly fulfill any SOC/IR requests in response to security incidents. Cross-Functional Collaboration: Collaborate with cross-functional teams to integrate security solutions into existing infrastructure and workflows. Mentorship: Mentor junior team members to enhance their skills. Continuous Learning: Stay up to date with the latest cybersecurity threats, trends, and technologies, and recommend appropriate security controls and countermeasures. Experience Requirements: 4-6 years of experience with SIEM tools like MS Sentinel, Splunk, QRadar, or LogRhythm. Proficiency in, EDR tools, Email Security tools. Strong background in SOC analysis, including triage, alert investigation, and incident qualification. Demonstrated expertise in incident prioritization and in-depth analysis. In-depth knowledge of most of the following security technologies: Network DLP, IDS/IPS, Email Security, SWG/Proxy, CASB, CSPM, SASE, SSE, SIEM and forensic network Understanding of operating system technology, including Microsoft Windows, MacOS and various Linux distributions. Knowledge of virtualization platforms both centrally managed as well as locally managed as well as the means to provide visibility and control to guest systems. An understanding of cloud-based endpoint security solutions and experience with public cloud platforms such as AWS, Azure, or Google Cloud Platform. Excellent analytical and problem-solving skills, with the ability to troubleshoot complex network security issues. Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams. Skills and Competencies: Proficient in SIEM tool, Email Security Tool (ProofPoint, FireEye), Incident Response, and CrowdStrike EDR Strong leadership and stakeholder management skills. Ability to analyze and optimize SOC operations effectively. Proficiency in MS Office. CEH/Security+ certification. Qualifications: Bachelors degree in computer science, Information Security, Electronics & Communication or related field. 8+years of proven experience in operating and managing security solutions in enterprise environments.

SC100: MS Cybersecurity Certified 10 yrs in Cybersecurity, 4+ Architecture Compliance - NIST,ISO 27001,RBI,GDPR Zero Trust Architecture KQL Queries Logic Apps Cloud Security Identity Governance Threat Detection SC-200/AZ-500/SC-300 TOGAF, CISSP, CISM