We are seeking an experiencedMicrosoft XDR and Sentinel Expertto join our cybersecurity team. The ideal candidate will be responsible for the design, deployment, tuning, and day-to-day operations of Microsoft Sentinel (SIEM/SOAR) and the Microsoft Defender suite (XDR components). This includes Defender for Endpoint, Identity, Office 365, Cloud Apps, and Azure.
The role will play a key part in detecting, investigating, and responding to security threats across our cloud and on-premises environments using the Microsoft security ecosystem.
Qualifications:BE/B-tech In IT or MCA or equivalent
Requirements & Skills:
- Proven hands-on experience with Microsoft Sentinel and Microsoft Defender for Endpoint Implementation.
- Strong proficiency inKusto Query Language (KQL).
- Experience withPowerShellandLogic Appsfor automation.
- Deep understanding of SIEM/SOAR, EDR, XDR concepts, and cybersecurity frameworks.
- Familiarity with Microsoft 365 Defender, Azure Security Center, and related Microsoft security tools.
- Strong troubleshooting, analytical, and communication skills.
- Familiarity with MITRE ATT&CK & NIST framework.
Certifications:
CISSP/CISM/ISO 27001/20000 or any other IT Security Certification
Azure Cloud /Office365 (optional)/ SC-200/ SC-100/ AZ-500
Experience:Minimum 3 Years Experience in IT security, SOC design & Operations.
Personal attributes:
- Excellent communication skills, both verbal and written.
- Training & Presentation Skill
- Effectively articulate ideas, convey information
- Establishing rapport, actively listening to customer needs and concerns, and demonstrate empathy
- Address customer inquiries or issues promptly and professionally
- Clear and concise communication is essential for understanding requirements & expectations
Work Environment: Posting at Faridabad /Greater Noida,
Shift
Main Tasks:
- Endpoint detection and response (EDR) (Detecting security threats, Containing the threat at the endpoint, Investigating the threat, Remediating the threat before it spreads)
- User and entity behavior analytics (UEBA), Cyber threat hunting, Threat intelligence
- Cybersecurity, Threats detections. Application Penetration Testing, Public-Private Cloud Security
- Organize Security Trainings/Awareness Programs
- SOC Monthly Reports preparation & Presentation to Senior Management
- Dealing with Customers for IT security issues
- Provide Consultancy to the Customers
- Configure and manage Microsoft Defender for Endpoint (MDE) across Windows, macOS, and mobile endpoints.
- Integrate Defender with Microsoft 365 Defender and Sentinel for end-to-end visibility.
- Design and enforce endpoint protection policies, EDR settings, and attack surface reduction rules.
- Implement, and manage Microsoft Sentinel (SIEM/SOAR).
- Develop and tune analytic rules, workbooks, playbooks (Logic Apps), and hunting queries using KQL
- Integrate data connectors from various Microsoft and third-party sources (e.g., Azure, M365, security appliances)
- Lead the development of automation workflows to streamline alert handling and response.
- Act as the go-to expert for SOC teams, helping with incident triage and threat investigation.
- Provide expert guidance in security operations, threat detection, and response processes.
- Conduct knowledge transfer sessions and develop internal documentation.
- Custom parser creation for unsupported devices.
- Custom SOAR Playbook creation, Integration with REST APIs.
- Handle critical or escalated incident & provide guidance to Team.
Other Tasks:
- Identify potential risks or issues before they escalate
- Embrace change, adapt quickly to shifting IT Security needs or conditions.
- Proactively seek new opportunities for improvements and Adjust IT Security strategies accordingly
- Stay updated on industry trends to implement relevant Security solutions
- Pay attention to details to ensure project requirements and deliverables are met accurately
- Review project documentation, monitor progress
- Work closely with diverse teams, stakeholders, and clients.
