Looking for candidates with strong experience in Microsoft Sentinel as it is our primary SIEM platform. The ideal candidate should also have working knowledge of Cribl and Anomali.
Role: 10+ years of experience in Cyber security Designing & implementation on Network Security, SIEM, SOAR & Threat Intelligence.
Key Responsibilities:
Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response.
Log Source Integration Configure and onboard diverse log sources including Nozomi Networks, firewalls, EDR (e.g., Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems into Sentinel.
Custom Analytics & Detection Rules Develop, and fine-tune KQL-based analytics rules tailored to OT threat scenarios, ensuring high-fidelity alerts and minimal false positives.
Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and contextualize alerts within the OT landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events.
Execution of the use cases on SIEM, SOAR & Threat Intelligence
Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics.
Should you be interested, please feel free to contact me at srinivas.-