Sentinel Onboarding Engineer
Cyderes (Cyber Defense and Response) is a pure-play, full-lifecycle cybersecurity services provider with award-winning managed security services, identity and access management, and professional services designed to manage the cybersecurity risks of enterprise clients. We specialize in multi-technology, complex environments with the speed and agility needed to tackle the most advanced cyber threats. We leverage our global scale and decades of experience to accelerate our clients’ cyber outcomes through a full lifecycle of cybersecurity services. We are a global company with operating centers in the United States, Canada, the United Kingdom, and India.
About the Role
The Azure Sentinel Onboarding Engineer is responsible for managing the end-to-end onboarding process for clients using Microsoft Sentinel. This includes deploying and configuring Sentinel environments, integrating log sources, customizing alerting and reporting capabilities, and providing comprehensive documentation and training. The role requires close collaboration with clients to understand their security challenges and tailor the onboarding experience to meet their specific requirements.
Responsibilities
Onboarding Management: Lead the onboarding process for new Azure Sentinel clients, ensuring a smooth and timely transition to full operation.
Deployment and Configuration: Set up and configure Azure Sentinel environments tailored to client-specific security requirements, including the integration of various log sources (e.g., network devices, servers, applications).
Customization: Develop and tune SIEM use cases, alerts, and dashboards to meet the unique needs of each client. This includes building complex correlation rules, optimizing detection accuracy, and minimizing false positives.
Alert Development and Tuning: Design and implement custom alert logic based on client-specific threat scenarios, leveraging the power of KQL (Kusto Query Language) for advanced detection patterns. Regularly review and fine-tune alert thresholds and conditions to adapt to changing threat landscapes.
CI/CD Integration: Implement Continuous Integration/Continuous Deployment (CI/CD) pipelines to automate the deployment of security monitoring solutions, including alert logic and updates, ensuring rapid and consistent configurations across environments.
Automation and Scripting: Leverage scripting languages like Python and automation tools to streamline onboarding tasks, improve alerting mechanisms, and enhance security orchestration. Collaborate with DevOps teams to ensure seamless integration within the security pipeline.
Version Control: Use GitHub for version control, ensuring that alert development, scripts, and configurations are properly tracked, maintained, and reviewed.
Documentation: Create and maintain detailed documentation for each onboarding project, including setup guides, configuration details, and operational procedures to support ongoing client management.
Training and Support: Conduct training sessions and workshops to equip clients with the knowledge needed to effectively manage their Azure Sentinel environment. Provide technical guidance and troubleshooting support throughout the onboarding process.
Collaboration: Work closely with internal teams such as sales, account management, and security operations to ensure client satisfaction and successful onboarding outcomes. Facilitate coordination between clients and other Cyderes teams to resolve onboarding challenges.
Process Improvement: Continuously refine onboarding processes and best practices based on feedback, industry developments, and evolving client needs to enhance the overall onboarding experience.
Client Engagement: Engage with clients to understand their security landscape, gather requirements, and offer strategic advice on best practices for using Azure Sentinel.
Requirements
Experience: 3+ years of experience with Azure Sentinel or other SIEM platforms, with a focus on onboarding and client implementation.
Technical Skills: In-depth knowledge of Azure Sentinel deployment, configuration, and management. Proficiency in data collection technologies such as syslog, API integrations, and cloud connectors.
Alert Development Expertise: Proven experience in developing and tuning SIEM alerts based on real-world use cases, with a focus on optimizing alert accuracy and minimizing false positives.
CI/CD Experience: Familiarity with Continuous Integration/Continuous Deployment (CI/CD) pipelines and automation frameworks to streamline deployment processes.
Python and Scripting Skills: Strong Python scripting experience, with a focus on automating security tasks and enhancing detection logic.
GitHub: Experience in using GitHub for version control, ensuring proper management of alert configurations, scripts, and deployment workflows.
Cybersecurity Knowledge: Strong understanding of cybersecurity principles, SIEM best practices, and log management. Familiarity with Azure cloud services, including Azure Active Directory and Azure Security Center.
Analytical Skills: Strong problem-solving and analytical skills with the ability to diagnose and resolve technical issues efficiently.
Communication: Excellent communication and interpersonal skills, capable of explaining complex technical concepts to both technical and non-technical stakeholders.
Project Management: Proven ability to manage multiple onboarding projects simultaneously, ensuring timely delivery and high-quality outcomes.
Certifications: Industry-recognized certifications in security or cloud technologies (e.g., Microsoft Certified: Azure Security Engineer Associate, CompTIA Security+) are a plus.
Preferred Qualifications:
Experience with scripting and automation tools (e.g., PowerShell, Python) to streamline onboarding tasks.
Familiarity with regulatory and compliance requirements related to data security and privacy.
Experience in conducting training sessions and knowledge transfer for client teams.
Understanding of network protocols, secure network design, and network monitoring tools.
Cyderes is an Equal Opportunity Employer (EOE). Qualified applicants are considered for employment without regard to race, religion, color, sex, age, disability, sexual orientation, genetic information, national origin, or veteran status.
Note: This job posting is intended for direct applicants only. We request that outside recruiters do not contact us regarding this position.