Principal Engineer - SIEM - (Azure Sentinel) | On-site, Bangalore

At Optiv, we’re on a mission to help our clients make their businesses more secure. We’re one of the fastest growing companies in a truly essential industry.

In your role at Optiv, you’ll be inspired by a team of the brightest business and technical minds in cyber security. We are passionate champions for our clients and know from experience that the best solutions for our clients’ needs come from working hard together.

As part of our team, your voice matters, and you will do important work that has impact, on people, businesses and nations. Our industry and our company move fast, and you can be sure that you will always have room to learn and grow. We’re proud of our team and the important work we do to build confidence for a more connected world.

How you’ll make an impact

• Logging and auditing cloud infrastructure with Azure Sentinel and orchestration efforts
• Leveraging security infrastructure to build automated workflows
• Build and prototype high confidence correlation using automated workflows based on various sources and use cases
• Leverage Threat Intelligence feeds in Sentinel analytics and SOAR
• Integrating security logs into Azure Log Analytics Workspace
• Develop incident response use cases using Logic Apps in Azure
• Developing remediation recommendations for findings where automated actions have not yet been applied
• Working collaboratively with team members and stakeholders, and clearly and proactively communicating work status, key issues and risks to management
• Develop Jupyter notebooks in Python and integrate them with Azure Sentinel
• Continuous assessment of data coverage and areas for improving Azure Sentinel
• Own all documentation related to Azure Sentinel
 

What we’re looking for

• Bachelor's degree in Information Technology or equivalent work experience
• 7+ years of experience with SIEM - Azure Sentinel
• 5+ years of experience with developing SIEM content
• 5+ years of experience working with Azure Sentinel and Azure Log Analytics
• Experience in Azure cloud security, specifically in Sentinel and KQL
• Experience with scripting languages like Python or PowerShell
• Strong skill set on creating analytics rules, playbooks, notebooks, workbooks, threat hunting and developing KQL queries
• Experience configuring, automating, hardening, and deploying Azure Sentinel Services
• Experience with Azure Security Center
• Experience with public and private cloud security solutions and capabilities, network security
• Able to thrive in a dynamic environment, remaining organized while working on multiple projects

What you can expect from Optiv

• A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
• Work/life balance
• Professional training resources
• Creative problem-solving and the ability to tackle unique, complex projects
• Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
• The ability and technology necessary to productively work remotely/from home (where applicable)

EEO Statement

Optiv is an equal opportunity employer (EEO). All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, status as an individual with a disability, veteran status, or any other basis protected by federal, state, or local law.

Optiv respects your privacy. By providing your information through this page or applying for a job at Optiv, you acknowledge that Optiv will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv’s selection and recruitment activities. For additional details on how Optiv uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time.