SIEM Engineer

3 weeks ago


Ontario, Canada Hire DigITalent Inc. Full time

Our client is looking to add a SIEM Engineer to their Security team. This will be a 12-month contract for an experienced security professional. The SIEM Engineer plays a critical role in ensuring the organization's security posture by managing and operating the Security Information and Event Management (SIEM) system, with a focus on Microsoft Sentinel. The ideal candidate will possess a deep understanding of log onboarding and integration processes, as well as extensive experience in utilizing Microsoft Sentinel to detect and respond effectively to security threats.

Responsibilities:

  • Manage and oversee the organization's SIEM system, primarily Microsoft Sentinel.
  • Collaborate with security architects and engineers to design and implement the SIEM solution.
  • Work closely with IT teams to onboard and integrate logs from various sources into Microsoft Sentinel.
  • Continuously monitor and analyze security logs and events in Microsoft Sentinel to identify potential threats and incidents.
  • Investigate and triage security alerts, prioritizing and escalating critical incidents to the Security Operations Center (SOC).
  • Develop SIEM use cases.
  • Develop and maintain playbooks and response procedures.
  • Collaborate with other security team members, including incident responders, threat hunters, and forensic analysts, to enhance the organization's overall security posture.
  • Stay informed about emerging security threats, vulnerabilities, and industry best practices.
  • Conduct regular reviews and assessments of the SIEM system to optimize its performance and effectiveness.

Qualifications:

  • 7+ years of hands-on experience in SIEM administration, preferably with Microsoft Sentinel.
  • Strong understanding of log management, data normalization, and event correlation techniques.
  • Intermediate to expert level in Microsoft Sentinel, including log ingestion, KQL query language, and threat detection rules.
  • Experience in developing SIEM use cases.
  • Strong analytical and problem-solving skills, with a focus on root cause analysis.
  • Ability to work independently and as part of a team, managing multiple tasks simultaneously.
  • Certifications in security-related domains, such as CISSP, CISM, or CEH, are desirable.

Thank you for your interest.


