Technical Security Architect (Sentnel)

Technical Security Architect (Microsoft Sentinel)

Company Description:

Role Description:

As a Technical Security Architect, you will:

• Architect Solutions:

   Lead the end-to-end design, implementation, and continuous optimization of a large-scale Microsoft Sentinel environment for our clients.

• Develop Advanced Detections:

   Author and implement advanced analytics rules, custom threat detection logic, and correlation rules using Kusto Query Language (KQL).

• Drive Automation:

   Design, build, and manage a library of SOAR playbooks using Azure Logic Apps to automate incident response actions, dramatically reducing response times.

• Serve as a Top-Tier Expert:

   Act as the lead L3 technical escalation point for major security incidents, guiding complex investigations and coordinating response efforts.

• Lead Threat Hunting:

   Conduct proactive, intelligence-driven threat hunting campaigns within client environments to uncover undetected and emerging threats.

• Integrate Ecosystems:

   Oversee the technical integration of a wide array of log sources, including Microsoft Defender for Endpoint, Microsoft Entra ID, AWS, M365, and network infrastructure.

• Provide Visibility:

   Create and maintain live, interactive security dashboards and reports using Sentinel Workbooks to provide real-time visibility to clients and internal leadership.

• Collaborate for Success:

   Work closely with clients and internal Aristiun teams to ensure service delivery excellence, provide technical oversight, and guarantee SLAs are met.

Qualifications:

• Technical Background:

   A degree in Cybersecurity, Information Technology, Computer Science, or a related field, OR demonstrable experience in a senior security engineering role.

• Exceptional Experience:

   7+ years of professional experience in cybersecurity, with at least 4 years in a security architecture, security engineering, or senior SOC role.

• Sentinel Expertise:

   Expert-level, hands-on experience with Microsoft Sentinel is essential. This includes deployment, data connector configuration, analytics rule development, and SOAR automation.

• KQL Proficiency:

   Deep expertise in Kusto Query Language (KQL) for threat hunting, data analysis, and creating advanced detections.

• Microsoft Security Ecosystem:

   Deep technical knowledge of Microsoft Defender for Endpoint, Microsoft Entra ID, and Microsoft 365 security controls.

• Automation & Scripting Skills:

   Experience with PowerShell, Python, or Azure Logic Apps.

• Self-Starter and Team Player:

   Able to work independently and collaboratively in a remote environment.

• Strong Communicator:

   Proven ability to translate complex technical concepts into clear, actionable guidance for clients and team members.

Bonus Points:

• Prior experience migrating a large enterprise from a legacy SIEM to Microsoft Sentinel.
• Experience in a consulting or client-facing role, managing the technical relationship with an enterprise client.
• Relevant industry certifications (e.g., AZ-500, SC-200, CISSP, GIAC).

What We Offer:

• Competitive Salary:

   A great salary that reflects your experience and contributions.

• Equity Opportunities:

   For deserving candidates, we offer the chance to share in Aristiun's success.

• Performance Bonuses:

   Rewarding performance with attractive bonuses.

• Remote Work Flexibility:

   Work from anywhere with a strong internet connection.

• Continuous Learning:

   Access to cutting-edge technology and professional development opportunities to stay at the forefront of the industry.

• Join Aristiun and help us shape the future of AI-driven security!