Job Title: Solution Architect - Sentinel SME (L3)
Work Arrangement: Hybrid
Location: Coventry, UK
Day Rate: £500/550
Assignment Duration: 3 Months
Role Description:
The Solution Architect - Sentinel SME (L3) will play a pivotal role in designing, implementing, and optimizing Microsoft Sentinel as the core SIEM solution for the organization’s Detect and Respond program. This role requires deep technical expertise in Microsoft Sentinel and the ability to architect scalable and effective security solutions tailored to both IT and OT environments. The SME will work closely with stakeholders, including SOC teams and cybersecurity architects, to enhance detection capabilities, automate workflows, and ensure regulatory compliance.
Key Responsibilities:
1. Solution Design: Design the architecture of the SIEM solution, ensuring compliance with IT and OT security requirements and approval from STW design authorities.
2. NIS-R Compliance: Ensure the solution aligns with NIS-R regulations and customer-specific security needs.
3. Technology Integration: Oversee the integration of security tools (e.g., Microsoft Sentinel, DKIM for email security) into existing IT and OT systems.
4. Security Playbooks: Develop and implement incident response playbooks for IT and OT environments.
5. Security Review: Conduct risk and vulnerability assessments, recommending architectural improvements as necessary.
6. Consultation: Provide expert advice on security monitoring, log management, and incident response best practices.
Key Skills/Knowledge/Experience:
1. Proficient in designing, deploying, and managing Microsoft Sentinel in complex environments.
2. Advanced skills in KQL (Kusto Query Language) for creating queries, analytics rules, and dashboards.
3. Experience with Sentinel’s integration capabilities, including Azure-native and third-party connectors.
4. In-depth knowledge of onboarding diverse log sources (e.g., firewalls, databases, cloud services, OT systems) into Microsoft Sentinel.
5. Familiarity with log ingestion methods using Azure Monitor Agents, Log Analytics, and Event Hub.
6. Understanding of regulatory standards and frameworks for IT and OT environments (e.g., NIS-R, GDPR, ISO 27001).
Person Specification:
1. Strong communication and collaboration skills to engage with both technical and non-technical stakeholders.
2. Ability to thrive in high-pressure environments and effectively prioritize competing demands.
3. Analytical mindset with a proactive approach to problem-solving and risk mitigation.