TC-CS-CDR-Sentinel-Senior

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

Job Description for MS Sentinel Consultant:

The ideal candidate will be responsible for designing, implementing, and maintaining our Sentinel platform, ensuring its reliability, scalability, and security. You will work closely with cross-functional teams to deliver innovative solutions that meet business needs, including the development of use cases that leverage the platform's capabilities.

Key Responsibilities:

• Design and develop robust and scalable architecture for the Sentinel platform.
• Implement and maintain CI/CD pipelines to automate deployment processes.
• Collaborate with software developers, system architects, and other stakeholders to define platform requirements and specifications.
• Content Development: Design, develop, and maintain security event monitoring and alerting processes using Sentinel.
• Develop use cases under frameworks like Cyber Kill Chain and MITRE ATT&CK.
• Expected to seamlessly migrate and translate use cases from another SIEM To Sentinel
• Integrate critical devices and applications, including custom parsers for unsupported systems.
• Develop, automate, and orchestrate tasks (playbooks) using logic apps based on specific events.
• Configure Sentinel incidents, workbooks, hunt queries, and notebooks.
• Provide consulting during testing, evaluation, pilot, production, and training phases to ensure successful deployment.
• Utilize threat modelling to enhance security monitoring and response strategies.
• Generate intelligent reports and dashboards to provide actionable insights to stakeholders.

Should have strong hands-on experience in:

• Installation, administration and troubleshooting of OMS/AMA agent.
• Use case creation using KQL
• Configuration of Analytic Rules
• Custom parser development
• Supporting presales initiatives with regards to Microsoft Security such as answering RFPs, client presentations, demos.
• If required should be able to lead a team on deployment/migration activities.

Qualification & Experience:

• 3-5 years related experience in cybersecurity operations, particularly in a SOC or similar environment.
• Proficiency in using security monitoring tools, such as SIEM - Microsoft Sentinel and EDR – Microsoft Defender
• Strong knowledge of application, network, and infrastructure security.
• Excellent analytical, problem-solving, and decision-making skills.
• Strong communication and teamwork skills, with the ability to coordinate with cross-functional teams.
• Familiarity with global cybersecurity standards and regulatory requirements.

Special Factors:

• Willing to work in shifts
• Hybrid Working with Work from Office – 3 Days

EY | Building a better working world 

 
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.  

 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.  

 
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.