Tasks and Responsibilities
- Lead the delivery of our managed services based on Microsoft Sentinel to our customers.
- Onboard Microsoft Sentinel customers into our multi-tenant MSSP environment.
- Set up and support Microsoft Sentinel data connectors and integrations as directed by customers.
- Connect the customer’s environment through Azure Lighthouse and Azure B2B for federated identity management.
- Review and address gaps in the configuration of Microsoft Sentinel and Microsoft 365 Defender product suite.
- Assist customers with improving their security posture through optimal use of Microsoft security products.
- Design use cases for and create playbooks, workbooks, analytics rules and automation rules.
- Automate response and remediation activities using SOAR and Azure Playbooks.
- Continuously look for ways to improve service delivery and security detection capabilities.
- Support and audit the work of the information security analyst working with Microsoft Sentinel.
- Guide information security analysts while they perform remediation activities related to security events.
- Create and maintain security incident response processes with customers for current and future security threats.
- Perform proactive threat hunting using KQL queries against the customers' data sets.
- Maintain and use Azure DevOps to manage and deploy our Microsoft Sentinel artifacts to our customers.
- Build reports for our customers on service delivery performance, security assessments and security recommendations.
- Review and update technical documents to maintain current and future monitoring solutions.
- Work with other employees and partners to grow the business and prepare for future customer needs.