HCLTech

Cyber Security Architect

Noida, UP, IN

1 day ago

Summary

Title: Microsoft Sentinel Architect

Location: Noida

Experience: 10+ years


Roles and Responsibilities:

  1. Security Architecture Development:
  • Design and develop security architectures leveraging Microsoft Sentinel to meet organizational requirements.
  • Create and maintain security policies, rules, and playbooks within the Sentinel platform.
  • Implement and configure Microsoft Sentinel to collect, analyze, and respond to security events.
  2. ITIL Principles and Processes:
  • Demonstrate and apply knowledge of ITIL principles and processes in daily operations.
  • Ensure that security solutions align with ITIL best practices.
  3. SPLUNK Troubleshooting and Support:
  • Troubleshoot SPLUNK server and forwarder problems and issues.
  • Provide support for SPLUNK on UNIX, Linux, and Windows-based platforms.
  • Assist internal users of SPLUNK in designing and maintaining production-quality dashboards.
  4. SPLUNK Infrastructure Management:
  • Monitor the SPLUNK infrastructure for capacity planning, system health, availability, and optimization.
  • Assist with the design of core scripts to automate SPLUNK maintenance and alerting tasks.
  • Bring new data into the SPLUNK platform per client request, creating custom source types when necessary.
  5. Automation and Optimization:
  • Assist with the automation of processes and procedures to enhance efficiency.
  • Design and implement automation scripts for SPLUNK maintenance and alerting tasks.
  6. Data Management and Customization:
  • Verify custom reports, manage log source groups, and validate log sources with clients.
  • Create and manage custom source types and data inputs as per client requirements.
  7. Collaboration and Communication:
  • Collaborate with cross-functional teams to ensure seamless integration of security solutions.
  • Communicate effectively with stakeholders to understand and address their security needs.
  8. Continuous Improvement:
  • Stay updated with the latest trends and advancements in security technologies.
  • Continuously improve security architectures and processes to enhance organizational security posture.
  9. Documentation and Reporting:
  • Maintain comprehensive documentation of security architectures, policies, and procedures.
  • Generate and present reports on security events, incidents, and overall system health.
  10. Training and Mentorship:
  • Provide training and mentorship to junior team members on Microsoft Sentinel and SPLUNK.
  • Share best practices and knowledge to foster a culture of continuous learning and improvement.
