SOC Incident Management with Azure Sentinel

Raleigh, North Carolina

Futran Tech Solutions Pvt. Ltd.
Role: SOC Incident Management with Azure Sentinel.

Location: Raleigh, NC

Mandatory Skills: SOC Incident Management

  1. Microsoft Sentinel
  2. MS Sentinel SOAR
  3. MITRE ATT&CK framework
  4. Kill Chain
  5. SOC Analysis
  6. Investigation

Primary Skills:

1. Minimum 5 years of experience in Security Operations & Incident Response. Resource should have experience in Azure Sentinel.

2. Ensure compliance with SLAs, process adherence and process improvement to achieve operational objectives

3. Revise and develop processes to strengthen the current Security Operations Framework; review policies and highlight the challenges in managing SLAs in alignment with the customer

4. Responsible for team and vendor management, overall use of resources, and initiation of corrective action where required for the Security Operations Center

5. Perform threat management, threat modeling, identify threat vectors and review use cases for security monitoring

6. Responsible for integration review of standard and non-standard logs in SIEM

7. Submission of reports, dashboards and metrics for SOC operations, and presentation to senior management

8. Coordination with stakeholders; build and maintain positive working relationships with them

9. Provide support to the Security Operations Center (SOC) during incident response, event monitoring, and threat hunting activities. Responsibilities include cyber threat analysis support, research, recommending appropriate remediation and mitigation.

10. Incident and Problem Management: monitoring, validation, analysis, triage, escalation, response and resolution

11. SIEM: log source integration

12. Use case fine-tuning and new use case creation

13. Proficient in one or more of the following languages (PowerShell, Bash, Python, or Visual Basic) to support cyber threat detection or reporting. Security API implementations can be considered as well.

14. Candidate must have a deep understanding of several of the following fields: email security (including PDF and document analysis), digital media forensics, monitoring and detection, incident response, vulnerability assessment, penetration testing, cyber intelligence analysis and network analysis

15. Deep understanding of either the Lockheed Martin Cyber Kill Chain or the MITRE ATT&CK framework (MITRE preferred)

16. Cyber threat analysis support, research, and recommending appropriate remediation and mitigation

17. Trending and correlation of monitored events to build new Indicators of Compromise (IOCs), attack attribution, and helping establish countermeasures that increase cyber resiliency

18. Identification of advanced cyber threat activities, Endpoint Detection and Response, intrusion detection, incident response, malware analysis, security content development (e.g., signatures, rules, etc.), and cyber threat intelligence

Educational Requirement: Bachelor's degree in Computer Science or a related field preferred, and 7+ years' experience in an information technology field with a minimum of 3 years of experience as a Tier III senior cybersecurity analyst performing intelligence analysis, collection management, and technical analysis

Date Posted: 07 April 2025