Happiest Minds Technologies

TECHNICAL LEAD - Azure Sentinel SIEM


Job Description

SOC L3 Analyst (Microsoft Sentinel SIEM)

Role Overview:

We are seeking a highly skilled SOC L3 Analyst with deep expertise in Microsoft Sentinel SIEM to lead advanced security monitoring, incident response, and threat hunting activities. The role involves handling complex security incidents, developing detection use cases, and improving SOC maturity through automation and optimization.

Key Responsibilities

  • Lead end-to-end incident handling for high-severity (P1/P2) incidents using Microsoft Sentinel.
  • Perform deep-dive forensic analysis using KQL, Defender suite, and Azure AD signals.
  • Investigate advanced attack patterns such as lateral movement, privilege escalation, persistence, and data exfiltration.
  • Develop and optimize analytics rules, hunting queries, and dashboards.
  • Map detections to the MITRE ATT&CK framework.
  • Optimize SIEM ingestion, connectors, and detection logic.
  • Develop automation using Logic Apps playbooks.
  • Integrate threat intelligence feeds and enable IOC correlation.
  • Act as the escalation point for L1/L2 analysts and support incident root cause analysis (RCA).
  • Prepare reports and dashboards, and ensure SLA/KPI tracking.

Required Technical Skills

  • Hands-on expertise in Microsoft Sentinel and Azure environments.
  • Strong KQL (Kusto Query Language) skills.
  • Experience with Microsoft Defender suite (MDE, MDI, MDO).
  • Knowledge of endpoint, network, and identity security.
  • Understanding of MITRE ATT&CK framework.
  • Experience with APIs, Logic Apps, and scripting (PowerShell/Python).

Preferred Skills

  • Experience with other SIEM tools like Splunk or QRadar.
  • Exposure to UEBA and XDR platforms.
  • Basic knowledge of digital forensics and malware analysis.

Certifications

  • SC-200: Security Operations Analyst
  • AZ-500: Azure Security Engineer
  • CEH, GCIH or equivalent certifications

Experience

  • 5 to 8 years in SOC/Cybersecurity
  • 2 to 3 years of hands-on Microsoft Sentinel experience

KPIs

  • Reduction in MTTD and MTTR
  • Improved detection accuracy
  • Reduced false positives
  • Enhanced automation coverage

Business Value

  • Improves threat detection in cloud-native environments
  • Reduces response time through automation
  • Enhances security visibility
  • Optimizes SIEM cost and performance


Job ID: 149082437