TC - CS - CDR - SIEM Content Developer - Senior

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

Job Description for MS Sentinel Consultant:

Key Responsibilities:

• Content Development: Design, develop, and maintain security event monitoring and alerting processes using Sentinel SIEM.
• Use Case Creation: Develop use cases under frameworks like Cyber Kill Chain and MITRE ATT&CK.
• Expected to seamlessly migrate and translate use cases from another SIEM To Sentinel
• Integration: Integrate critical devices and applications, including custom parsers for unsupported systems.
• Automation: Develop, automate, and orchestrate tasks (playbooks) using logic apps based on specific events.
• Incident Management: Configure Sentinel incidents, workbooks, hunt queries, and notebooks.
• Consulting: Provide consulting during testing, evaluation, pilot, production, and training phases to ensure successful deployment.
• Threat Modelling: Utilize threat modelling to enhance security monitoring and response strategies.
• Reporting: Generate intelligent reports and dashboards to provide actionable insights to stakeholders.
• Should have strong hands-on experience in:
• • Installation, administration and troubleshooting of OMS/AMA agent.
  • Use case creation using KQL
  • Configuration of Analytic Rules
  • Custom parser development
• Supporting presales initiatives with regards to Microsoft Security such as answering RFPs, client presentations, demos.
• If required should be able to lead a team on deployment/migration activities.

Qualification & Experience:

• 3-5 years related experience in cybersecurity operations, particularly in a SOC or similar environment.
• Proficiency in using security monitoring tools, such as Sentinel SIEM systems, IDS/IPS, EDR – Microsoft Defender, XSOAR – SOAR solutions.
• Strong knowledge of application, network, and infrastructure security.
• Excellent analytical, problem-solving, and decision-making skills.
• Ability to work under pressure and manage multiple incidents simultaneously.
• Strong communication and teamwork skills, with the ability to coordinate with cross-functional teams.
• Familiarity with global cybersecurity standards and regulatory requirements.

Special Factors:

• Willing to work from ODC as and when required in rotational shift.
• Weekend availability/flexibility to work weekends is a MUST.
• Willing to support US shift (Night shift)

EY | Building a better working world 

 
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.  

 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.  

 
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.