Description:
This role sits within the cyber defence centre (CDC) and has come about as a result of their ever-expanding order book. You’ll work with the wider team of architects, pre-sales, threat analysts, etc., with opportunities to dip a toe into their world if that’s your preference.
The Role of the Security Engineer:
- Based in the CDC (4 days / wk) you’ll be responsible for customer onboarding, maintenance, and integration of Help AG security solutions, such as MS Sentinel SIEM, Azure Cloud, Access Security Broker, O365 & O365 ATP, MS Defender, etc.
- Create the content, use cases and custom rules. Configure the solutions to detect threats using KQL, oversee the day-to-day activities of the Azure IP platform, and ensure alignment with the relevant enterprise standards.
- Ongoing assessment to ensure customer needs are met – as required, add content / detection rules and scale solutions using new tech as necessary.
- You’ll be the point of contact and responder for the MSSP customers – resolving any issues as they arise.
Some of the Requirements of the Security Engineer:
- Experience onboarding / implementing Sentinel and maintaining or migrating customers from existing tech to Sentinel, and solid experience of Azure 365 and MS cloud security.
- Experience working in an MSSP / SOC or client network environment.
- Experience creating use cases, content, custom use cases, dashboards, and reports for MS Sentinel.
- Knowledge of Sentinel architecture, workbooks, automations, tables, integration with tools and data connectors.
- Good understanding of network fundamentals, identity management and use of Linux and Windows OS.
- You’ll have great comms and be at ease communicating with customers and internal stakeholders alike.