
Microsoft SIEM Engineer :: Remote :: Any visa except OPT and CPT at Remote, Remote, USA
Email: [email protected]
Job Title: Microsoft SIEM Engineer (Remote)

Location: Maryland

Duration: 6+ Months Contract

Interview mode: Phone and Video

Visa: Any visa except OPT and CPT

Experience level: 10-15 years

The client is looking for an exact-match profile; please submit only candidates located in the EST/CST time zones.

SCOPE OF WORK

Offeror proposed resource(s) shall be responsible for the following:

The SIEM Engineer is responsible for designing, implementing, and managing the Microsoft Sentinel SIEM solution to collect, analyze, and visualize data from various sources within the Judiciary. This role involves managing the SIEM environment, creating dashboards, and ensuring the effective use of the SIEM's capabilities to monitor, detect, and respond to security threats and to provide operational insights for the Security Analysts. The Microsoft Sentinel SIEM Engineer will work closely with security analysts and stakeholders to optimize data intelligence and drive informed incident detection and response.

2. Essential Functions:

a. SIEM Configuration:

(1) Design and deploy SIEM resources, including configuring analytics rules, playbooks, Azure Logic Apps, and data connectors, to support data collection and analysis needs.

(2) Optimize SIEM configurations to ensure efficient data storage, retrieval, and search capabilities.

b. Data Collection and Integration:

(1) Collaborate with system owners to identify available data sources and drive initiatives to ingest that system data.

(2) Develop data ingestion strategies, create data inputs, and set up data source integration for various log and event data types.

(3) Design and implement data normalization and transformation processes for consistent and accurate analysis.

c. Dashboard and Visualization Development:

(1) Design and create interactive dashboards, reports, and visualizations using the SIEM's capabilities.

(2) Present data insights in a clear and actionable manner to support decision-making processes.

(3) Develop data visuals for the SOC display screens.

d. Search, Queries and Alerts:

(1) Develop and optimize analytics rules and alert mechanisms to proactively monitor for security threats, anomalies, and operational issues.

(2) Configure alerts to trigger automated responses or notifications based on predefined criteria.

e. SIEM App Development:

(1) Build custom SIEM apps and add-ons to extend functionality and support specific agency requirements.

(2) Collaborate with development teams to integrate the SIEM with other systems and tools.

f. Security and Compliance:

(1) Implement security controls and best practices to protect data stored in the SIEM and ensure compliance with relevant regulations and standards.

(2) Monitor and analyze security-related events to detect and respond to potential threats.

g. Performance Optimization:

(1) Monitor system performance and troubleshoot issues related to data indexing, search performance, and resource utilization.

(2) Implement optimizations to enhance the SIEM's efficiency and responsiveness.

h. Training and Documentation:

(1) Provide training and guidance to other JIS SOC team members on Microsoft Sentinel best practices, usage, and administration.

(2) Create documentation for configurations, processes, and troubleshooting procedures.

OFFEROR RESOURCE(S) SKILLS, EXPERIENCE, & CAPABILITIES

1. Recent experience with the administration and management of Microsoft Sentinel.

2. Experience developing, compiling, and executing KQL queries.

3. Strong aptitude to learn platforms, work with stakeholders, and understand and provide input on how to customize and maintain platforms to meet organizational business needs.

4. Experience generating playbooks and using Azure Logic Apps for security orchestration, automation, and response.

5. Experience in querying, reviewing, and providing contextual information from log data.

6. Proficient in the use of the M365 Office suite of tools.

7. Ability to establish and maintain effective working relationships with peers, end users, and vendor development staff, as well as all levels of management and judicial personnel as necessary.

8. Ability to communicate clearly and lead technical discussions related to log data management and knowledge sharing.

Resource Consultings Services Inc powered by

Mon Jul 15 23:15:00 UTC 2024
