Remote position but must be within driving distance of Annapolis, MD for occasional onsite meetings.Schedule is 8 - 4:30 Eastern, Monday - FridayTechnical Skills:
Recent experience with the administration and management of Microsoft Sentinel.Experience developing, compiling, and executing KQL queries.Strong aptitude to learn platforms, to work with stakeholders, to understand and provide thoughts on how to customize and maintain platforms to meet organizational business needs.Experience generating playbooks and using Azure logic apps for security orchestration, automation and response.Experience in querying, reviewing and providing contextual information from log data.Proficient in the use of M365 Office suite of tools.Ability to establish and maintain effective working relationships with peers, end users and vendor development staff, as well as all levels of management and judicial personnel as necessary.Ability to communicate clearly and lead technical discussions related to log data management and knowledge sharing.Scope of Work:
The SIEM Engineer is responsible for designing, implementing, and managing the Microsoft Sentinel SIEM solution to collect, analyze, and visualize data from various sources.. This role involves managing the SIEM environment, creating dashboards, and ensuring the effective use of SIEM's capabilities to monitor, detect, and respond to security threats and operational insights for the consumption of the Security Analysts. The Microsoft Sentinel SIEM Engineer will work closely with security analysts, and stakeholders to optimize data intelligence and drive informed incident detection and response.
