Our client, a global MSSP, is seeking a Senior Sentinel Security Engineer to join its successful Security Engineering team. Working with enterprise-level customers as a Sentinel SME, this role offers a real mix of BAU support alongside complex and challenging project work.
This is a remote role with very limited travel to the Head Office in the West Midlands for collaboration days. You must be based in the UK.
What will you be doing as a Senior Sentinel Security Engineer?
• Manage, monitor and maintain our Sentinel and Defender offering, creating and tuning alerts where necessary.
• Track log ingestion rates and investigate any anomalies in them.
• Provide recommendations to our customers on the difference between operational and security logging.
• Ensure each customer's operational health is maintained and respond to all platform requests within agreed SLAs.
• Create Sentinel workbooks and Logic Apps.
• Lead the implementation of any required upgrades to the technology stack.
• Lead the development of solutions to improve detections and operational capability through the proficient use of KQL.
• Lead integrations between Sentinel and other security technologies.
• Maintain an awareness of the latest Defensive Monitoring technologies and trends
• Maintain an up-to-date understanding of current threats and trends in cybercrime, and apply this knowledge in your daily duties when creating custom queries and changing the SOC monitoring infrastructure.
• Assist both Infrastructure Support and Network Operations with duties ranging from security best-practice recommendations through to analysing suspicious activity on infrastructure devices.
What experience do you need?
- Demonstrable SIEM, EDR, and EPP skills and technical familiarity with Microsoft Azure solutions.
- Demonstrable experience of working in a complex, high-performing service management enterprise environment.
- Microsoft certifications such as SC-200 and AZ-500.
- Demonstrable experience with writing complex queries in KQL
- Demonstrable experience creating, documenting, and deploying playbooks (Logic Apps).
- Demonstrable experience with Sentinel log analysis and content creation
- An understanding of Python and RegEx
- Good understanding of IT infrastructure including Windows and Linux applications as well as network and other security vendor products.
- Experience of analysing complex data, making sensible recommendations, and presenting to management teams as part of continuous service improvement.
- Understanding of attack vectors, with the ability to differentiate between normal and abnormal activity, providing recommendations on countermeasures and remediation activities.
- Experience in a customer-facing role; communicating to different levels of stakeholders.
- Experience with network detection technologies such as Corelight
- Experience with deception technology
- Experience with Azure Function Apps used alongside Sentinel.
What will you get in return?
Basic salary of up to £75,000 per annum
Remote working
Professional certifications paid for
Ongoing professional development
Competitive pension
Private health care
If you match the above, click apply now with an up-to-date version of your CV.