Microsoft Sentinel SME
Jobs via Dice
Job Description
About the Microsoft Sentinel SME Role at EastBaySystems
EastBaySystems is seeking a highly skilled and experienced Microsoft Sentinel SME to join their team. This 100% remote position offers flexibility in work hours, though attendance at meetings is required. The successful candidate will play a critical role in advancing security operations, leveraging their expertise in Microsoft Sentinel to enhance threat detection, develop robust content, and implement advanced automation solutions.
A key requirement for this role is the ability to attain a Public Trust Clearance, indicating involvement with sensitive government projects or data. This position is ideal for a security expert passionate about leveraging cutting-edge cloud security technologies to protect critical systems.
Key Responsibilities
- Apply expert knowledge of security engineering within a SOC environment, primarily utilizing Microsoft Sentinel.
- Develop and enhance threat detection capabilities and SOC content, including dashboards, metrics, and alerts.
- Create and tune advanced alerts using KQL (Kusto Query Language).
- Design, implement, and optimize Logic Apps and SOAR (Security Orchestration, Automation, and Response) automation within Microsoft Azure and Sentinel.
- Utilize understanding of MITRE ATT&CK framework tactics, techniques, and procedures to strengthen detection mechanisms.
- Perform log analysis and manage various log sources to ensure comprehensive security monitoring.
- Develop and maintain scripts using Advanced PowerShell and Python for automation and security operations.
- Operate effectively within a Red Hat Linux environment.
Required Qualifications
- Demonstrated expert knowledge of security engineering in a SOC setting with Microsoft Sentinel.
- Proven experience in threat detection and SOC content development (dashboards, metrics), including alert development, testing, and tuning.
- Advanced proficiency in KQL for alert development.
- Hands-on experience developing and implementing Logic Apps and SOAR automation leveraging MS Azure and Sentinel.
- Solid understanding of the MITRE ATT&CK framework and its application to enhance detections.
- Experience with diverse log sources and comprehensive log analysis.
- Advanced scripting skills in PowerShell and Python.
- Experience working in a Red Hat Linux environment.
- Ability to attain Public Trust Clearance.
Key Skills/Competency
- Microsoft Sentinel
- Security Engineering
- SOC Operations
- Kusto Query Language (KQL)
- SOAR Automation
- Azure Logic Apps
- MITRE ATT&CK Framework
- Log Analysis
- PowerShell Scripting
- Python Scripting
- Red Hat Linux
How to Get Hired at Jobs via Dice
- Research EastBaySystems' mission: Study their values, client focus, and any public projects to align your application.
- Tailor your resume for Sentinel expertise: Highlight specific achievements in Microsoft Sentinel, KQL, SOAR, and Azure.
- Showcase Public Trust eligibility: Be prepared to discuss your background and ability to clear a Public Trust investigation.
- Prepare for technical depth: Practice KQL, PowerShell, and Python scripting relevant to security automation and log analysis.
- Articulate MITRE ATT&CK knowledge: Demonstrate how you've applied the framework to enhance threat detections.