Role: Sentinel SME – Solution Architect
Below is everything you need to know about what this opportunity entails and what is expected of applicants.
Duration: 6 Months
Location: Coventry
The Role:
The Solution Architect - Sentinel SME (L3) will play a pivotal role in designing, implementing, and optimizing Microsoft Sentinel as the core SIEM solution for the organization's Detect and Respond program. This role requires deep technical expertise in Microsoft Sentinel and the ability to architect scalable and effective security solutions tailored to both IT and OT environments. The SME will work closely with stakeholders, including SOC teams and cybersecurity architects, to enhance detection capabilities, automate workflows, and ensure regulatory compliance.
* Solution Design: Design the architecture of the SIEM solution, ensuring that it meets both IT and OT security requirements, and obtain approval from the STW design authorities/approval bodies.
* NIS-R Compliance: Ensure the solution complies with NIS-R regulations and customer-specific security requirements.
* Technology Integration: Oversee the integration of security tools (Microsoft Sentinel, DKIM for email security) into the existing IT and OT systems.
* Security Playbooks: Develop and implement security incident response playbooks for both IT and OT environments.
* Security Review: Conduct security risk assessments, vulnerability assessments, and make architectural improvements as required.
* Consultation: Provide consultation on best practices for security monitoring, log management, and incident response.
Skills Needed:
* Proficient in designing, deploying, and managing Microsoft Sentinel in complex environments.
* Advanced skills in KQL (Kusto Query Language) for building queries, analytics rules, and dashboards.
* Experience with Sentinel’s integration capabilities, including Azure-native and third-party connectors.
* In-depth knowledge of onboarding diverse log sources (e.g., firewalls, databases, cloud services, OT systems) into Microsoft Sentinel.
* Familiarity with log ingestion methods using Azure Monitor Agents, Log Analytics, and Event Hub.
* Knowledge of regulatory standards and frameworks relevant to IT and OT environments (e.g., NIS-R, GDPR, ISO 27001).