ASSYSTEM INDIA LIMITED
Team Lead - Azure Sentinel/SIEM Platform
Job Location
Karnataka, India
Job Description
We are seeking a highly skilled and experienced Team Lead to manage . You will lead a team responsible for developing, optimizing, and maintaining detection rules, use cases, and playbooks within Azure Sentinel, ensuring our clients' security posture is robust and effective. This role requires a blend of technical proficiency, leadership skills, and excellent customer communication abilities.

Main Tasks and Accountabilities :

Azure Sentinel Expertise & Implementation :
- Understand and translate customer security requirements into effective Azure Sentinel solutions.
- Provide consultative advice on security principles and best practices related to Azure Sentinel operations.
- Develop new Azure Sentinel use cases, rules, correlations, and dashboards to meet customer needs.
- Design and document Azure Sentinel architectures tailored to customer requirements.
- Assist customers with Azure Sentinel sizing, architecture planning, and technical meetings.
- Provide technical guidance to customers on configuring log sources for ingestion into Azure Sentinel.
- Verify the integrity and accuracy of log source data within Azure Sentinel.

Detection Engineering & Content Development :
- Apply expertise in KQL to develop and optimize detection rules and use cases within Azure Sentinel.
- Utilize knowledge of attack frameworks like MITRE ATT&CK and TTPs to map detection rules effectively.
- Ensure thorough documentation of all use cases and playbooks, including detailed descriptions, workflow diagrams, and technical configurations.

Team Leadership & Mentorship :
- Manage and mentor a team of security engineers focused on detection rule, use case, and playbook development in Azure Sentinel.
- Ensure the team adheres to established timelines and delivery expectations.
- Foster a collaborative and high-performing team environment.

Customer Relations & Communication :
- Effectively communicate technical concepts to both technical and non-technical audiences.
- Provide excellent customer service and build strong client relationships.
- Collaborate with cross-functional teams to ensure seamless service delivery.

Technical Skills :
- Minimum 5 years of hands-on experience with the Azure Sentinel SIEM platform.
- At least 5 years of experience in detection engineering or cybersecurity research.
- Strong proficiency in KQL for writing use cases in Azure Sentinel.
- Familiarity with various security attack vectors and protection methods.
- Knowledge of common attack frameworks (MITRE ATT&CK, TTPs).
- Understanding of security monitoring, incident detection, and incident response best practices.
- Preferred SIEM vendor certification of

& Soft Skills :
- Proven experience managing technical teams.
- Strong analytical and problem-solving skills.
- Excellent communication and collaboration skills.
- Ability to work independently and as a self-starter.

Education & Certifications :
- University degree in information security or equivalent work experience.
- Relevant certifications (e.g., GIAC GSOC, GCFA, CISSP) are an advantage.

Technical Skills Breakdown :
- Azure Sentinel : Use Case Development, Rule Creation & Optimization, Correlation Logic, Dashboard Design, Log Source Configuration, Architecture Design, KQL Query Language.
- Cybersecurity : Detection Engineering, Incident Detection & Response, Threat Intelligence, MITRE ATT&CK Framework, TTPs (Tactics, Techniques, and Procedures), Security Monitoring.
- General : SIEM administration.

Benefits :
- Competitive salary and benefits package.
- Opportunity to work with cutting-edge Azure security technologies.
- Collaborative and supportive work environment.
- Opportunities for professional growth and development

(ref:hirist.tech)
Location: Karnataka, IN
Posted Date: 5/1/2025
Contact Information
Contact: Human Resources, ASSYSTEM INDIA LIMITED