You will assist with a wide range of projects delivering security infrastructure solutions for our diverse mid-market and enterprise clients across finance, retail, manufacturing and technology. This role requires engagement in the full project lifecycle, including design, deployment and handover to operations.
We are specifically looking for Azure Sentinel engineers, architects or consultants with experience designing and deploying on behalf of customers into an MSSP environment. Similar experience will be considered.
- Designing SIEM and MDR solutions for customers based on sales proposals. Design work will encompass customer technical workshops, creating high- and low-level design documentation, and creating and running a POC to validate the solution.
- Implementing SIEM and MDR solutions for customers, encompassing: configuring RBAC for the SOC to access customer infrastructure; configuring log forwarders; creating and enabling use cases/rules; creating and activating playbooks/workflows. Supporting the customer in configuring their estate to fulfil the service design.
- Design and implementation of Vulnerability Intelligence solutions for customers. Designing the solution to cover the customer estate, with reporting aligned to the customer requirements.
- Lead engineer on large (multi-month) and small projects, working through the full lifecycle from design and deployment to handover to operational support. Managing competing pressures and workloads.
- Contribute to the knowledge resource, developing tool sets, new content, guides and processes to improve the effectiveness of the operations team and the service.
- Designing and implementing vulnerability management solutions. This includes designing and building vulnerability scans, agents, reporting and interpretation of the reports.
This role requires the following operational skills:
- Customer-facing with good documentation skills and strong communication skills at all levels.
- Ability to consistently deliver to deadlines while prioritising competing demands for work.
- You must be professional, hard-working and have an ability to pay attention to detail.
- You must be enthusiastic, have a keen interest in the technology and a drive to develop yourself both in technical knowledge and its application to meet customer requirements.
- You should have experience of ITIL processes and structured ways of working.
- You must be familiar and comfortable configuring and troubleshooting infrastructure through both command line and GUI.
- Willingness to share information, improve documentation, develop solutions and mentor other engineers.
Your technology skills will include some of the following:
- Experience in successfully designing, configuring, and implementing SIEM solutions.
- Experience in successfully designing, configuring, and implementing EDR/MDR solutions.
- Experience in successfully designing, configuring, and implementing Vulnerability Intelligence solutions.
- Good understanding of cyber threats and threat prevention techniques.
- Integrating and onboarding various technologies with a SIEM platform.
- Experience with syslog daemons and tuning log source volumes.
- Building use cases, alerts and incident response workflows.
- Experience with Microsoft security products.
- Experience of managing a Windows estate.
- A working knowledge and experience of Linux.
Your skillset should ideally be supported by the following academic and professional qualifications:
- You may have Microsoft AZ-500 and MS-500 certifications (highly desirable but not essential).
- Certifications in SIEM and EDR products (highly desirable but not essential).
- Certifications in Vulnerability Management products (Qualys experience highly desirable but not essential).
- Certifications and experience in network security solutions and products (desirable but not essential).
- ITIL and/or project management certification.
- You may have a Diploma or Bachelor’s degree in a related field (not essential).