Zortech Solutions
Location
Ontario, CA | United States
Job description
Key Capabilities & Responsibilities
Lead the log onboarding and integration process for Microsoft Sentinel SIEM, ensuring successful integration of various log sources onto the SIEM, including the development of custom use cases where required
Maintain, and administer security monitoring and alerting systems and processes, ensuring ongoing visibility.
Continuously improve the efficiency of threat detection, alerting and response through use case development, tuning and automation
Configuring and monitoring Security Information and Event Management (SIEM) platform for security alerts. Integrate and work with the firm's Managed Security Services Provider (MSSP) services
Utilize scripting languages, including PowerShell, Python, and KQL, to automate tasks and enhance system functionality.
Development of advanced Sentinel queries and workbooks, including Logic/Function App development
Create and maintain system documentation for security event processing.
Expand the usage of security monitoring tools to improve the security of the environment based on business use cases or changes in threat landscape, root causes from security incident response, or output from security analytics
Assist in the incident response processes to contain, remediate, and recover from security incidents
Maximize security tools to continuously improve the detection, prevention, and analysis of security incidents
Maintain, administer, and integrate threat detection and remediation capabilities into security operations to address emergent cyber threats to IGM products, services, data, and infrastructure.
Maintain and administer the day-to-day activities of Microsoft Sentinel Security Incident and Event Management (SIEM), including
o SIEM Platform Operations
Job tags
Salary
