Key Responsibilities:
- Develop, integrate, maintain, and support internal security operations tool stack.
- Administer Microsoft Sentinel: configure workspaces, manage data connectors, design log ingestion pipelines, set up analytics rules, write KQL queries, and build Logic Apps.
- Support QSIRT core security services and IR processes.
- Troubleshoot and resolve complex security issues; apply security principles in planning, design, and implementation of controls.
Qualifications and Skills:
- At least 3 years of hands-on experience in secure software environments or a DevOps role; 5+ years of overall IT experience.
- Ability to integrate software and data using secure deployment methodologies.
- Knowledge of Microsoft Sentinel administration and operations.
- Understanding of system/application security threats and vulnerabilities.
- Strong networking concepts and SIEM experience (Sentinel, ELK, or similar).
- Ability to develop PowerShell and Python scripts, integrate data via APIs/REST, and implement parsing (Logstash, Grok, RegExp).
- Self-starter able to work with minimal supervision, with a strong results orientation.
- Excellent English communication skills (written and verbal).
Good to Have:
- Relevant certifications (GCIH, GCED, GSEC, GNFA, GCFA, SSCP, OSCP, Security+, etc.) or proven security training track record.