Job overview
SIEM/Sentinel Management: Configure and maintain log data connectors, write KQL queries for custom detection rules, and manage dashboards inside Microsoft Sentinel.
Incident Response & Hunting: Actively monitor security alerts (MDE, Entra ID, SharePoint), investigate identity/endpoint compromise, and execute containment protocols (session revocation, host isolation).
Playbook Automation & Audit: Develop automated response playbooks to accelerate threat mitigation...
Key skills
Requirements
1. Knowledge (*):
Years of Experience: Minimum of 3–5 years of hands-on experience working in a SOC (Security Operations Center) environment or managing enterprise-grade security systems.
Microsoft Sentinel (SIEM/SOAR) Expertise:
- Proficient in configuring and managing Data Connectors to ingest logs from Endpoints, Cloud (M365/Azure), Firewalls, and Network devices into Microsoft Sentinel.
- Strong KQL (Kusto Query Language) skills to...
Benefits
Bonus: Attractive
Healthcare: Health Insurance 24/7
Training: Annual
