Sentinel Onboarding Engineer

Cyderes (Cyber Defense and Response) is a pure-play full life-cycle cybersecurity services provider with award-winning managed security services identity and access management and professional services designed to manage the cybersecurity risks of enterprise clients.  We specialize in multi-technology complex environments with the in speed and agility needed to tackle the most advanced cyber threats. We leverage our global scale and decades of experience to accelerate our clients’ cyber outcomes through a full lifecycle of cybersecurity services. We are a global company with operating centers in the United States Canada the United Kingdom and India.

About the Role

The Azure Sentinel Onboarding Engineer is responsible for managing the end-to-end onboarding process for clients using Microsoft Sentinel. This includes deploying and configuring Sentinel environments integrating log sources customizing alerting and reporting capabilities and providing comprehensive documentation and training. The role requires close collaboration with clients to understand their security challenges and tailor the onboarding experience to meet their specific requirements.

Responsibilities

• Onboarding Management: Lead the onboarding process for new Azure Sentinel clients ensuring a smooth and timely transition to full operation.

• Deployment and Configuration: Set up and configure Azure Sentinel environments tailored to client-specific security requirements including the integration of various log sources (e.g. network devices servers applications).

• Customization: Develop and tune SIEM use cases alerts and dashboards to meet the unique needs of each client. This includes building complex correlation rules optimizing detection accuracy and minimizing false positives.

• Alert Development and Tuning: Design and implement custom alert logic based on client-specific threat scenarios leveraging the power of KQL (Kusto Query Language) for advanced detection patterns. Regularly review and fine-tune alert thresholds and conditions to adapt to changing threat landscapes.

• CI/CD Integration: Implement Continuous Integration/Continuous Deployment (CI/CD) pipelines to automate the deployment of security monitoring solutions including alert logic and updates ensuring rapid and consistent configurations across environments.

• Automation and Scripting: Leverage scripting languages like Python and automation tools to streamline onboarding tasks improve alerting mechanisms and enhance security orchestration. Collaborate with DevOps teams to ensure seamless integration within the security pipeline.

• Version Control: Use GitHub for version control ensuring that alert development scripts and configurations are properly tracked maintained and reviewed.

• Documentation: Create and maintain detailed documentation for each onboarding project including setup guides configuration details and operational procedures to support ongoing client management.

• Training and Support: Conduct training sessions and workshops to equip clients with the knowledge needed to effectively manage their Azure Sentinel environment. Provide technical guidance and troubleshooting support throughout the onboarding process.

• Collaboration: Work closely with internal teams such as sales account management and security operations to ensure client satisfaction and successful onboarding outcomes. Facilitate coordination between clients and other Cyderes teams to resolve onboarding challenges.

• Process Improvement: Continuously refine onboarding processes and best practices based on feedback industry developments and evolving client needs to enhance the overall onboarding experience.

• Client Engagement: Engage with clients to understand their security landscape gather requirements and offer strategic advice on best practices for using Azure Sentinel.

Requirements

• Experience: 3+ years of experience with Azure Sentinel or other SIEM platforms with a focus on onboarding and client implementation.

• Technical Skills: In-depth knowledge of Azure Sentinel deployment configuration and management. Proficiency in data collection technologies such as syslog API integrations and cloud connectors.

• Alert Development Expertise: Proven experience in developing and tuning SIEM alerts based on real-world use cases with a focus on optimizing alert accuracy and minimizing false positives.

• CI/CD Experience: Familiarity with Continuous Integration/Continuous Deployment (CI/CD) pipelines and automation frameworks to streamline deployment processes.

• Python and Scripting Skills: Strong Python scripting experience with a focus on automating security tasks and enhancing detection logic.

• GitHub: Experience in using GitHub for version control ensuring proper management of alert configurations scripts and deployment workflows.

• Cybersecurity Knowledge: Strong understanding of cybersecurity principles SIEM best practices and log management. Familiarity with Azure cloud services including Azure Active Directory and Azure Security Center.

• Analytical Skills: Strong problem-solving and analytical skills with the ability to diagnose and resolve technical issues efficiently.

• Communication: Excellent communication and interpersonal skills capable of explaining complex technical concepts to both technical and non-technical stakeholders.

• Project Management: Proven ability to manage multiple onboarding projects simultaneously ensuring timely delivery and high-quality outcomes.

• Certifications: Industry-recognized certifications in security or cloud technologies (e.g. Microsoft Certified: Azure Security Engineer Associate CompTIA Security+) are a plus.

Preferred Qualifications:

• Experience with scripting and automation tools (e.g. PowerShell Python) to streamline onboarding tasks.

• Familiarity with regulatory and compliance requirements related to data security and privacy.

• Experience in conducting training sessions and knowledge transfer for client teams.

• Understanding of network protocols secure network design and network monitoring tools.

Cyderes i s an Equal Opportunity Employer (EOE). Qualified applicants are considered for employment without regard to race religion color sex age disability sexual orientation genetic information national origin or veteran status.

Note: This job posting is intended for direct applicants only. We request that outside recruiters do not contact us regarding this position.