AddressWhat success looks like in this role:
- Monitor security events and alerts in Microsoft Sentinel to detect and respond to potential threats.
- Proactively search for signs of malicious activity within the organization's environment using Microsoft Sentinel.
- Prioritize and triage security alerts generated by Microsoft Sentinel based on their severity and potential impact.
- Monitor Microsoft Defender alerts for threats and security incidents.
- Investigate security incidents identified by Microsoft Defender to determine the scope, impact, and root cause.
- Analyze malware samples detected by Microsoft Defender to understand their behavior and impact.
- Monitors health of customer security sensors and SIEM infrastructure
- Collects data and context necessary to initiate Level 2 escalation
- Investigate, document, and report on any security threat issues as well as emerging trends
- Coordinate the containment and eradication of malicious activities with internal and external parties
- Notify appropriate business stakeholders about serious security events, implement security improvements by assessing current situation, evaluating market trends, and anticipating requirements
- Working with Sr. Analyst SOC Operations for monitoring, analyzing logs from various Security/ Industrial appliances using SIEM Tool.
- Log monitoring and Incident analysis for various devices such as Firewalls, IDS, IPS, Windows Servers and Web servers etc.
- Tracking and reporting the configuration changes in routers, switches and firewalls devices using SIEM Tool
- Potential to bring any possible security threats or violation of Security Policy to the notice of the Information Security Manager.
- Reporting device/interface down events to maintain maximum uptime and thus helping in preventing any log loss or minimizing any delay.
- Actively investigating the latest Security, Vulnerabilities, Advisories, Incidents and notifies clients.
- Understanding of security threats, attack scenarios, analysis and intrusion detection skills
- Escalation and coordination with the other domains for unresolved incidents.
- Should be willing to work in 24/7 rotational shifts which includes night shift and weekends
You will be successful in this role if you have:
- A bachelor’s degree in computer science, engineering or technology-related field, or equivalent
- Minimum 3-5 years of experience in security domain with exposure to SIEM tools.
- Vast experience on Microsoft Sentinel and Microsoft Defender
- Good understanding of network and security fundamentals and common Internet protocols, specifically DNS, HTTP, HTTPS / TLS, and SMTP
- Highly Energetic and Quick Learner
- Analytical skills, out-of-box thinking
- Good communication skills with positive attitude.
- Willingness to learn new technology platforms such as LogRhythm, Securonix, etc.,
- Knowledge and experience on Python and PowerShell scripting skills are added advantage
- Certifications on Microsoft tools such as AZ900, SC500 is an advantage.
Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age, blood type, caste, citizenship, color, disability, family medical history, family status, ethnicity, gender, gender expression, gender identity, genetic information, marital status, national origin, parental status, pregnancy, race, religion, sex, sexual orientation, transgender status, veteran status or any other category protected by law.
This commitment includes our efforts to provide for all those who seek to express interest in employment the opportunity to participate without barriers. If you are a US job seeker unable to review the job opportunities herein, or cannot otherwise complete your expression of interest, without additional assistance and would like to discuss a request for reasonable accommodation, please contact our Global Recruiting organization at GlobalRecruiting@unisys.com or alternatively Toll Free: 888-560-1782 (Prompt 4). US job seekers can find more information about Unisys’ EEO commitment here .
