TC-CS-NGSO TDR-Sentinel-Senior
Hyderabad, TG, IN, 500081
EY
With our four integrated service lines, Assurance and assurance-related services, Tax, Consulting and Strategy and Transactions, together with our industry knowledge, we support our clients in,...At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.
Senior (CTM – Threat Detection & Response) - Microsoft O365 Security
KEY Capabilities:
- Strong technical skills to design and implement O365 Security services, with hands-on experience on several of the items outlined below:
- O365 Threat Protection
- Microsoft Defender for Endpoint, Microsoft Defender for Office 365, Microsoft Defender for Identity (formerly Azure Advanced Threat Protection) and Microsoft Cloud App Security (Cloud Access Security Broker (CASB))
- Exchange Online Protection, Safe Attachments, Safe Links, Anti-phishing protection, anti-spoofing, anti-spam protection
- Azure Information Protection (Azure Rights Management, labels and conditions, templates, AIP scanner, RMS connector, tenant keys, integrate AIP with Microsoft Online Services)
- Cloud App Security (Plan implementation and configuration)
- Security reporting (Windows Analytics, Office Telemetry, Office 365 Secure Score, Azure Log Analytics integration, and alert policies in the O365 Security and Compliance Center)
- Microsoft Intelligent Security Graph
- Investigation and Response Playbook
- Enterprise cloud experience with any of the major cloud providers, including cloud security, networking, and migration of multi-cloud or hybrid deployments
- Excellent teamwork skills, passion and drive to succeed and combat Cyber threats
- Work collaboratively with other team members to find creative and practical solutions to customers’ challenges and needs.
- Provide consulting to customers during the testing, evaluation, pilot, production and training phases to ensure a successful deployment.
- Strong knowledge of cyber threat intelligence frameworks
- Willing to learn new technologies and take up new challenges. Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers.
- Ability to integrate Microsoft Cloud Technologies with 3rd party security products such as Splunk, Ping, Okta, etc.
- The experience/expertise on Sentinel listed below will be an added advantage
- Develop a migration plan from Splunk/QRadar/LogR to Azure Sentinel
- Deep understanding of how to implement best practices for designing and securing Azure platform
- Experience advising on Microsoft Cloud Security capabilities across the Azure platform
- Configure data ingestion types and connectors
- Analytic design and configuration of the events and logs being ingested
- Develop, automate, and orchestrate tasks (playbooks) with Logic Apps based on certain events
- Configure Sentinel Incidents, Workbooks, Hunt queries, Notebooks
- Must have experience in any SIEM technology (Splunk, IBM QRadar, Sentinel, etc.); Sentinel experience preferred
Qualification & experience:
- 5+ years’ experience in Cyber Security Engineering, Consulting, and/or Support
- Experience supporting large and complex geographically distributed enterprise environments
- Preferably in possession of one of the relevant (MS) certifications (e.g. AZ-500, MS-500, etc.)
- Excellent communication skills in written and oral English
- Experience on Windows Server, Windows Client, Active Directory and/or Azure Active Directory Administration
- Knowledge of information security standards (ISO, NIST, PCI, GDPR etc.)
- Good to have experience in Malware Analysis and Incident Response
- Good to have some experience in Endpoint (other than Microsoft technologies) and Network Security
- Good knowledge of scripting and automation (PowerShell or Python, Java, or a similar language, can be a beginner to intermediate level)
EY | Building a better working world
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.