Title: Microsoft Sentinel Architect
Location: Noida
Experience: 10+ years
Roles and Responsibilities:
- Security Architecture Development:
  - Design and develop security architectures built on Microsoft Sentinel that meet organizational requirements.
  - Create and maintain security policies, analytics rules, and playbooks within the Sentinel platform.
  - Implement and configure Microsoft Sentinel to collect, analyze, and respond to security events.
- ITIL Principles and Processes:
  - Apply ITIL principles and processes in daily operations.
  - Ensure that security solutions align with ITIL best practices.
- Splunk Troubleshooting and Support:
  - Troubleshoot Splunk server and forwarder issues.
  - Support Splunk on UNIX, Linux, and Windows platforms.
  - Assist internal Splunk users in designing and maintaining production-quality dashboards.
- Splunk Infrastructure Management:
  - Monitor the Splunk infrastructure for capacity planning, system health, availability, and optimization.
  - Assist with the design of core scripts that automate Splunk maintenance and alerting tasks.
  - Onboard new data into Splunk per client request, creating custom sourcetypes when necessary.
- Automation and Optimization:
  - Assist with automating processes and procedures to improve efficiency.
  - Design and implement automation scripts for Splunk maintenance and alerting tasks.
- Data Management and Customization:
  - Verify custom reports, manage log source groups, and validate log sources with clients.
  - Create and manage custom sourcetypes and data inputs per client requirements.
- Collaboration and Communication:
  - Collaborate with cross-functional teams to ensure seamless integration of security solutions.
  - Communicate effectively with stakeholders to understand and address their security needs.
- Continuous Improvement:
  - Stay current with trends and advancements in security technologies.
  - Continuously improve security architectures and processes to strengthen the organization's security posture.
- Documentation and Reporting:
  - Maintain comprehensive documentation of security architectures, policies, and procedures.
  - Generate and present reports on security events, incidents, and overall system health.
- Training and Mentorship:
  - Provide training and mentorship to junior team members on Microsoft Sentinel and Splunk.
  - Share best practices and knowledge to foster a culture of continuous learning and improvement.