4.0 - 8.0 years

0 Lacs

karnataka

On-site

The role of SOC Automation requires a minimum of 4 years of experience in managing and operating Microsoft Sentinel. Your responsibilities will include onboarding and troubleshooting log sources on premises and cloud to the Sentinel platform using syslog APIs and other mechanisms, ensuring data integrity, reliability, and proper formatting. Additionally, you will need hands-on experience with log collection, parsing, and analysis from various sources such as firewalls, endpoints, and cloud environments. A strong defensive mindset with an understanding of security events of interest for building detection rules is essential, along with proficiency in query languages like KQL. Advanced threat intelligence using Kusto Query Language (KQL), expertise in use case creation and parser development, as well as knowledge of DevOps practices including CICD pipelines, GIT, ARM templates, and Azure Automation will be required. You will be responsible for creating automation rules, utilizing threat intelligence in Azure Sentinel, and implementing and optimizing security controls in cloud environments like AWS, Azure, and GCP while enforcing security as code principles and compliance automation. Experience with SOAR tools like Sentinel SOAR, programming skills in Javascript, Python, REST API automation, or machine learning, and proven experience in SIEM migration projects are preferred. Proficiency in the English language, both written and verbal, is necessary. As an Infoscion, you will be part of the Infosys consulting team where your primary role will involve diagnosing customer issues, designing innovative solutions, and facilitating deployment to ensure client satisfaction. You will develop proposals, configure products, conduct demonstrations, and actively contribute to projects and organizational initiatives to provide high-quality solutions to customers. In addition to technical requirements, you should have the ability to develop value-creating strategies, good knowledge of software configuration management systems, awareness of latest technologies, logical thinking, problem-solving skills, and the ability to collaborate effectively. Understanding of financial processes, industry trends, client interfacing skills, project management, and team management are also important skills for this role. Preferred skills for this position include experience in SOC Operations, SOAR tools like Cortex XSOAR (Demisto), threat hunting with SIEM tools, and cloud security focusing on Microsoft Azure's Threat Detection & Response, specifically Azure Sentinel.,

Posted 6 days ago

Apply

SIEM Migration Administrator(SentinelOne AI)_Remote Ultraviolet Cyber

5 - 10 years

20 - 27 Lacs

Hyderabad

Remote

Job Role : SentinelOne Migration Engineer /SIEM Engineer--Work From Home Experience : 5 to 11 Yrs Key Skills: SIEM Administration, SIEM Implementation, SIEM Migration, Integration Notice Period : 0 to 30 days Mode of Work : Remote( 06:00 PM to 03:00 AM IST) Should be willing to work in Second shift Company: Cyber Towers, Quadrant 3, 3rd floor, Madhapur, Hyderabad -- 500081. Job Overview: We are seeking a talented and highly motivated SentinelOne Migration SIEM Engineer to join our Dedicated Defense group. As a key member of our team, you will be responsible for deploying and maintaining SentinelOne's AI SIEM to enhance threat detection, response, and overall security posture. This is an exciting opportunity for an individual with expertise in SIEM technologies, aiming to help safeguard critical systems and data from evolving cyber threats. Responsibilities: Integration & Optimization: Integrate and optimize SentinelOne AI SIEM to improve visibility and automate threat detection workflows. Threat Detection: Utilize SentinelOnes AI-powered analytics to dashboard reports and automate critical reporting functions Automation & Playbook Development: Develop automated detection and response playbooks based on SentinelOne data feeds, streamlining incident management and reducing time to resolution. Collaboration & Knowledge Sharing: Work closely with other security and IT teams to share threat intelligence, optimize SIEM use, and contribute to security strategy development. Reporting & Documentation: Develop and maintain dashboards, reports, and documentation related to SentinelOne deployment, performance, and incident metrics. Continuous Improvement: Continuously evaluate SentinelOne's capabilities and other relevant security tools to recommend improvements and refine detection capabilities. Required Qualifications: Bachelors degree in Computer Science, Information Security, or a related field (or equivalent experience). 1+ year of experience working with SentinelOne AI SIEM Hands-on experience with other SIEM platforms (Splunk, IBM QRadar, Microsoft Sentinel, etc.) and integrating them with endpoint security tools. Strong understanding of cybersecurity principles, threat detection, and SIEM management. Proficiency in scripting and automation (Python, PowerShell, etc.). Experience with cloud security (AWS, Azure, GCP) and cloud-native SIEM solutions is a plus. Preferred Qualifications: SentinelOne certification (or equivalent industry certifications). Knowledge of compliance frameworks (e.g., NIST, ISO 27001, GDPR, etc.) and how they apply to security operations. Key Skills: Technical Skills: SentinelOne platform, SIEM tools, security automation, machine learning for cybersecurity, network security. Analytical Skills: Strong ability to analyze large datasets and correlate logs/events. Communication Skills: Excellent verbal and written communication skills for collaborating with cross-functional teams and providing clear reporting. Problem-Solving: Strong troubleshooting skills with the ability to resolve complex security issues quickly and effectively.

Posted 3 months ago

Apply

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.