Urgent Position|| Microsoft Sentinel SIEM Engineer @MD(100% Remote) at Annapolis, Maryland, USA
Email: [email protected]
Direct client position

Position: Microsoft Sentinel SIEM Engineer

Duration: 1-year

Location: Annapolis, Maryland (100% Remote)

Agency: Administrative Office of the Courts

Client: State of Maryland

Job Description:

The Offeror shall have one (1) year of experience in providing recruitment, staffing, and/or otherwise providing professional consulting services.

The Offeror shall propose resource(s) that meet the following minimum qualifications:

BA/BS degree in Computer Science, Business Management, or an IT related field (as determined by the AOC).

The AOC prefers Offeror proposed resource(s) to have the following qualifications:

Three (3) years' experience with Azure Sentinel.

Three (3) years' experience with Kusto Query Language.

One (1) year's experience with Information Security.

Active Microsoft Security Operations Analyst Associate certification.

Essential Functions:

SIEM Configuration:

Design and deploy SIEM resources, including configuring analytics rules, playbooks, Azure Logic Apps, and data connectors, to support data collection and analysis needs.

Optimize SIEM configurations to ensure efficient data storage, retrieval, and search capabilities.

Data Collection and Integration:

Collaborate with system owners to identify available data sources and drive initiatives to ingest that system data.

Develop data ingestion strategies, create data inputs, and set up data source integration for various log and event data types.

Design and implement data normalization and transformation processes for consistent and accurate analysis.

Dashboard and Visualization Development:

Design and create interactive dashboards, reports, and visualizations using SIEM's capabilities.

Present data insights in a clear and actionable manner to support decision-making processes.

Develop data visuals for the SOC display screens.

Search, Queries and Alerts:

Develop and optimize analytics rules and alert mechanisms to proactively monitor for security threats, anomalies, and operational issues.

Configure alerts to trigger automated responses or notifications based on predefined criteria.

SIEM App Development:

Build custom SIEM apps and add-ons to extend functionality and support specific agency requirements.

Collaborate with development teams to integrate SIEM with other systems and tools.

Training and Documentation:

Provide training and guidance to other JIS SOC team members on Microsoft Sentinel best practices, usage, and administration.

Create documentation for configurations, processes, and troubleshooting procedures.

Skills, Experience & Capabilities:

Offeror shall propose resource(s) possessing the following mid to expert level preferred skills, experience, and capabilities:

Recent experience with the administration and management of Microsoft Sentinel. 

Experience developing, compiling, and executing KQL queries.

Strong aptitude to learn platforms, to work with stakeholders, to understand and provide thoughts on how to customize and maintain platforms to meet organizational business needs.

Experience generating playbooks and using Azure Logic Apps for security orchestration, automation and response.

Experience in querying, reviewing and providing contextual information from log data.

Proficient in the use of the M365 Office suite of tools.

Ability to establish and maintain effective working relationships with peers, end users and vendor development staff, as well as all levels of management and judicial personnel as necessary.

Ability to communicate clearly and lead technical discussions related to log data management and knowledge sharing.

Thanks,

Anshuli Shandilya

Technical Recruiter

Mail: [email protected], www.technixonline.com

LinkedIn: https://www.linkedin.com/in/anshuli-shandilya-3a4808148/

Direct: 480-389-2890

Phoenix, AZ, 85050

Thu Jul 11 20:02:00 UTC 2024
