Hybrid
Day Rate: £500/550
The Solution Architect - Sentinel SME (L3) will play a pivotal role in designing, implementing, and optimizing Microsoft Sentinel as the core SIEM solution for the organization’s Detect and Respond program. This role requires deep technical expertise in Microsoft Sentinel and the ability to architect scalable and effective security solutions tailored to both IT and OT environments. The SME will work closely with stakeholders, including SOC teams and cybersecurity architects, to enhance detection capabilities, automate workflows, and ensure regulatory compliance.
Solution Design: Design the architecture of the SIEM solution, ensuring compliance with IT and OT security requirements and approval from STW design authorities.
Microsoft Sentinel, DKIM for email security) into existing IT and OT systems.
Develop and implement incident response playbooks for IT and OT environments.
Security Review: Conduct risk and vulnerability assessments, recommending architectural improvements as necessary.
Provide expert advice on security monitoring, log management, and incident response best practices.
Proficient in designing, deploying, and managing Microsoft Sentinel in complex environments.
Advanced skills in KQL (Kusto Query Language) for creating queries, analytics rules, and dashboards.
firewalls, databases, cloud services, OT systems) into Microsoft Sentinel.
Familiarity with log ingestion methods using the Azure Monitor Agent, Log Analytics, and Event Hubs.
Understanding of regulatory standards and frameworks for IT and OT environments (e.g.,
Analytical mindset with a proactive approach to problem-solving and risk mitigation.