GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk.
We are seeking a highly skilled Microsoft Sentinel Engineering Consultant with a strong background in Azure security technologies to join our dynamic team. The successful candidate will be responsible for deploying, configuring, and maintaining Microsoft Sentinel, Google Chronicle and surrounding Microsoft Azure cloud-based solutions to enhance our clients' security operations capabilities. This engineer will be focused on delivering Microsoft Azure specific professional services to enhance customer cybersecurity operations visibility and general posture.
Key Responsibilities:
- Design, implement, and maintain Microsoft Sentinel and/or Google Chronicle solutions across multiple and diverse client environments.
- Deliver and document all written technical recommendations, and other technical deliverables.
- Configure data connectors, implement log collection policies, and ensure seamless integration with existing client security systems.
- Develop and refine KQL queries and analytics rules to detect, investigate, and respond to security threats.
- Design and automate response actions and workflows to improve incident response times.
- Apply MITRE ATT&CK methodology to emphasize event log visibility requirements and to assess overall security operations detection maturity.
- Provide expert guidance and training to customer security teams on Microsoft Sentinel industry best practices.
- Stay updated with the latest security trends and technologies that facilitate continuously improving our security operations offerings for customers.
- Discuss and present Security Operations principles referencing Microsoft Azure Sentinel and surrounding architecture.
Qualifications:
- Minimum 4 years of experience in cybersecurity operations specific to incident investigation and response.
- Minimum of 3 years focused on Microsoft Sentinel and/or Google Chronicle including but not limited to Entra, Purview and/or Defender suite of applications, Microsoft Sentinel and Log Analytics Workspace (LAW).
- Knowledge of tactics, techniques, and procedures (TTPs) as developed and outlined by the MITRE ATT&CK framework.
- Proficient in creating and managing KQL queries and understanding of Azure services related to security and compliance.
- Demonstrated ability to design and implement complex security solutions in large-scale environments.
- Excellent problem-solving skills and the ability to work in a dynamic, fast-paced environment.
- Strong communication skills with proficiency in presenting technical information to non-technical stakeholders.
- Familiarity with Python, PowerShell or similar development experience is preferred.
- Preferred experience with additional SIEM or data analytics tools such as Splunk, QRadar, Elastic, Securonix, Sumo Logic, Logscale, Snowflake, etc.
- Prior consulting experience preferred, or experience working in a client-facing role.
- Familiarity with Breach and Attack Simulation security tools preferred.
Certification and Education Requirements
- Microsoft Certified: Azure Security Engineer Associate.
- GIAC Incident Handler, CISSP, and/or similar.
- Bachelor's degree and/or equivalent experience in a relevant field of expertise.
We use Greenhouse Software as our applicant tracking system and Free Busy for HR screen request scheduling. At times, your email may block our communication with you. Please be sure to check your SPAM folder so that you don't miss updates on your application.
Why GuidePoint?
GuidePoint Security is a rapidly growing, profitable, privately-held value added reseller that focuses exclusively on Information Security. Since its inception in 2011, GuidePoint has grown to over 1000 employees, established strategic partnerships with leading security vendors, and serves as a trusted advisor to more than 4,200 customers. Firmly-defined core values drive all aspects of the business, which have been paramount to the company’s success and establishment of an enjoyable workplace atmosphere. At GuidePoint, your colleagues are knowledgeable, skilled, and experienced and will seek to collaborate and provide mentorship and guidance at every opportunity.
This is a unique and rare opportunity to grow your career along with one of the fastest growing companies in the nation.
Some added perks….
- Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
- 100% employer-paid medical premiums (employee only $0 deductible and HSA plans) along with 75% employer-paid family contributions
- 100% employer-paid dental premiums (employee only) along with 75% employer-paid family contributions
- 12 corporate holidays and a Flexible Time Off (FTO) program
- Healthy mobile phone and home internet allowance
- Eligibility for retirement plan after 2 months at open enrollment
- Pet Benefit Option