Job Description
About The Role
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and the transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 7.5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Security Manager you will oversee the daily operations of a Security Operations Center (SOC), manage threat detection and response, and coordinate escalations across hybrid environments. The role involves deep hands-on engagement with SIEM, EDR, cloud security platforms, and advanced email security solutions such as Proofpoint, IronPort, and Cofense. You will ensure rapid detection, containment, and remediation of security incidents while also mentoring junior analysts and improving operational processes.

Roles & Responsibilities:

Must Have Skills:
A Sentinel Specialist is primarily responsible for implementing and managing Microsoft Sentinel, a cloud-native SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response) solution.
- Deploy, configure, and manage Azure Sentinel for threat detection and incident response.
- Integrate Sentinel with various data sources using native and custom connectors.
- Create and fine-tune analytic rules, workbooks, and playbooks to automate threat detection and response.
- Optimize Sentinel performance through query tuning and cost management.
- Collaborate with IT and security teams to improve security posture and ensure compliance.
- Stay updated on cybersecurity trends and integrate threat intelligence feeds.
- Lead a team of SOC analysts, acting as the escalation point for critical incidents.
- Monitor alerts from SIEM tools such as Azure Sentinel and RSA NetWitness.
- Operate EDR tools such as Microsoft Defender for Endpoint and CrowdStrike Falcon to analyze endpoint threats.
- Use Microsoft Defender for Cloud to assess and enforce security posture across cloud infrastructure.
- Collaborate with IT, DevOps, and engineering teams to implement secure configurations and cloud best practices.
- Create detailed incident reports, dashboards, and threat landscape briefings.
- Develop and maintain security playbooks, SOPs, and shift handover documentation.
- Support proactive tuning of detection rules, policies, and integrations across security tools.
- Lead and manage the security operations team (SOC).
- Develop and enforce security policies, protocols, and procedures.
- Monitor and respond to security incidents and breaches.
- Prepare reports and metrics for senior leadership.

Professional & Technical Skills:
- Proficiency in Kusto Query Language (KQL).
- Hands-on experience with SIEM/SOAR tools, especially Microsoft Sentinel.
- Familiarity with cloud platforms (Azure preferred).
- Scripting and data-format knowledge (PowerShell, Python, YAML, JSON).
- Understanding of cybersecurity frameworks such as MITRE ATT&CK or NIST.
- Expertise with EDR platforms: Microsoft Defender for Endpoint, CrowdStrike Falcon.
- Proficiency in managing email security and phishing defense platforms: Proofpoint TAP/ETP, Cisco IronPort (ESA), Cofense Triage, Vision, and Reporter.
- Familiarity with threat intelligence platforms: MISP, Recorded Future.
- Understanding of OS and network log formats, HTTP/SMTP traffic, and Windows/Linux security.
- Basic scripting knowledge (Python, PowerShell, Bash) for automation and threat hunting.
- Deep understanding of cybersecurity tools and practices.

Certification Requirements (Must Have One or More):
- Microsoft Certified: Security Operations Analyst Associate (SC-200)
- Microsoft Certified: Azure Security Engineer Associate (AZ-500)
- Certified SOC Analyst (CSA), EC-Council
- CompTIA Security+, CySA+, or CASP+
- GIAC certifications: GCIH, GCIA, GCFA (optional)
- CrowdStrike Certified Falcon Responder (CCFR) or equivalent (for EDR specialization)
Additional Information:
- The candidate should have a minimum of 7.5 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Bengaluru, Gurugram, Hyderabad, Mumbai, or Noida offices; no other location is preferred.
- 15 years of full-time education is required.