SOC/SIEM

The role of SOC Automation requires a minimum of 4 years of experience in managing and operating Microsoft Sentinel. Your responsibilities will include onboarding and troubleshooting log sources on premises and cloud to the Sentinel platform using syslog APIs and other mechanisms, ensuring data integrity, reliability, and proper formatting. Additionally, you will need hands-on experience with log collection, parsing, and analysis from various sources such as firewalls, endpoints, and cloud environments. A strong defensive mindset with an understanding of security events of interest for building detection rules is essential, along with proficiency in query languages like KQL. Advanced threat intelligence using Kusto Query Language (KQL), expertise in use case creation and parser development, as well as knowledge of DevOps practices including CICD pipelines, GIT, ARM templates, and Azure Automation will be required. You will be responsible for creating automation rules, utilizing threat intelligence in Azure Sentinel, and implementing and optimizing security controls in cloud environments like AWS, Azure, and GCP while enforcing security as code principles and compliance automation. Experience with SOAR tools like Sentinel SOAR, programming skills in Javascript, Python, REST API automation, or machine learning, and proven experience in SIEM migration projects are preferred. Proficiency in the English language, both written and verbal, is necessary. As an Infoscion, you will be part of the Infosys consulting team where your primary role will involve diagnosing customer issues, designing innovative solutions, and facilitating deployment to ensure client satisfaction. You will develop proposals, configure products, conduct demonstrations, and actively contribute to projects and organizational initiatives to provide high-quality solutions to customers. In addition to technical requirements, you should have the ability to develop value-creating strategies, good knowledge of software configuration management systems, awareness of latest technologies, logical thinking, problem-solving skills, and the ability to collaborate effectively. Understanding of financial processes, industry trends, client interfacing skills, project management, and team management are also important skills for this role. Preferred skills for this position include experience in SOC Operations, SOAR tools like Cortex XSOAR (Demisto), threat hunting with SIEM tools, and cloud security focusing on Microsoft Azure's Threat Detection & Response, specifically Azure Sentinel.,