Security Advisor

Project Role :Security Advisor

Project Role Description :Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders.
Must have skills :Security Information and Event Management (SIEM) Operations

Good to have skills :NAMinimum
3 year(s) of experience is required

Educational Qualification :15 years full time education
Summary:We are looking for a Level 2 Security Engineer to strengthen our detection and response operations using Microsoft Sentinel and Microsoft Defender for Endpoint (MDE). The role focuses on writing advanced KQL queries for hunting and alert tuning, investigating incidents using Sentinel tools. You will help defend against modern cyber threats, contribute to incident investigations, and work closely with senior engineers to mature our detection capabilities.Key Responsibilities:- Develop and fine-tune advanced KQL queries for threat hunting and anomaly detection in Microsoft Sentinel.- Investigate security incidents using Sentinel Incident Graph, Timeline, and related tools to analyze relationships and attack paths.- Utilize Sentinel Fusion to understand and correlate alerts for complex incidents.- Perform deep endpoint investigations using Microsoft Defender for Endpoint (MDE).- Analyzing process trees, alerts, and device timeline.- Supporting remediation actions.- Understanding and leveraging EDR capabilities.- Document incident findings, provide recommendations for containment and eradication, and assist in incident reporting.- Assist in managing and maintaining Sentinel workspaces and data connectors (e.g., Azure AD, Syslog, MDE).- Correlate alerts and artifacts (e.g., IPs, hashes, user accounts) across multiple data sources to build a comprehensive incident picture.- Contribute to improving detection rules, watchlists, and hunting queries based on attacker TTPs aligned with MITRE ATT&CK.- Collaborate with Level 3 engineers, incident responders, and cloud/security architects to enhance detection and response processes.- Support red/blue team exercises by providing incident insights and improving rule effectiveness.
Professional & Technical
Skills:

- 5+ years in Security Operations, Incident Response, or Threat Hunting roles.- Strong experience writing and tuning KQL queries for Sentinel hunting and detection rules.- Hands-on experience investigating incidents using Sentinel Incident Graph, Timeline, and Fusion alerts.- Solid understanding of Microsoft Defender for Endpoint (MDE) including process analysis, alerts, and EDR telemetry.- Familiarity with MITRE ATT&CK, alert mapping, and detection engineering fundamentals.- Preferred Certifications-SC-200:Microsoft Security Operations Analyst (strongly preferred), AZ-500:Microsoft Azure Security Technologies, MITRE -ATT&CK Defender (MAD) certificate (nice to have), SC-900:Microsoft Security, Compliance, and Identity Fundamentals - Strong analytical thinking and ability to investigate complex incidents.- Clear and effective communicator with both technical and non-technical stakeholders.- Eagerness to learn from senior engineers and grow technical depth.- Detail-oriented, proactive, and team-focused.- Ability to work calmly under pressure during active incidents.
Additional Information:- The candidate should have minimum 3 years of experience.- This position is based at our Bengaluru office.- A 15 years full time education is required.Qualification
15 years full time education