
Website Celtic Management Services
Job Role: Azure / Cloud Developer
Location: London / Cardiff
Type of employment: 12-month contract, extendable
JOB DESCRIPTION
1. Kusto Query Language (KQL) Proficiency:
Mastery of KQL, the query language used in Azure Data Explorer (ADX), Azure Monitor Log Analytics and Azure Sentinel (now Microsoft Sentinel), to analyse and manipulate log data effectively.
Ability to write complex queries that extract insights from large datasets using aggregations (summarize), joins and transformations (extend, project, parse).
2. Security and Threat Detection:
Understanding of security concepts, threat detection strategies, and common attack patterns.
Knowledge of Azure Sentinel’s data connectors, log sources, and integration with security solutions.
3. Azure Sentinel Configuration:
Proficiency in configuring and customising Sentinel workspaces (Log Analytics workspaces with Sentinel enabled).
Ability to set up custom data connectors, data sources and data collection rules for log ingestion.
4. Data Mapping and Parsing:
Skill in mapping and parsing diverse data sources into meaningful fields for analysis.
Knowledge of regular expressions and data extraction techniques.
5. Query Optimization:
Experience optimizing KQL queries for performance and efficiency.
Ability to identify and resolve query performance bottlenecks.
6. Use Case Development:
Capability to translate security use cases into actionable KQL queries and analytics rules.
Experience building detection queries and rules for identifying suspicious activities.
7. Threat Hunting:
Ability to proactively explore data to uncover potential security threats and anomalies.
Familiarity with threat hunting methodologies and practices.
8. Scripting and Automation:
Proficiency in scripting languages like PowerShell or Python to automate tasks and workflows related to Azure Sentinel.
9. Azure Services Integration:
Understanding of Azure services relevant to security and logging, such as Azure Active Directory (now Microsoft Entra ID), Azure Monitor, and Azure Security Center (now Microsoft Defender for Cloud).
10. Incident Response and Workflow:
Knowledge of incident response processes and the role of Azure Sentinel in incident detection and investigation.
Ability to create playbooks (Logic Apps), automation rules and workflows to automate incident response actions.
11. Data Enrichment and Contextualization:
Skill in enriching data with additional context from external sources for more accurate threat detection.
Familiarity with lookup tables and external data integration.
12. Continuous Learning and Adaptability:
Keeping up-to-date with the evolving threat landscape, new Azure Sentinel features, and security best practices.
13. Collaboration and Communication:
Effective communication skills to collaborate with security analysts, stakeholders, and cross-functional teams.
Ability to explain complex technical concepts to non-technical audiences.
14. Certifications:
The relevant Microsoft certification is Microsoft Certified: Security Operations Analyst Associate (exam SC-200), which covers threat detection, hunting and response with Microsoft Sentinel; it demonstrates expertise in using Sentinel for threat detection and response.
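Added example, not part of the job posting: a KQL analytics-rule query of the kind items 1, 4 and 6 above describe, run over the Sentinel SigninLogs table. It flags a source IP that produced many failed sign-ins across distinct accounts (password spray or brute force) and then a successful sign-in from the same IP within the lookback window. The table and column names (SigninLogs, ResultType, UserPrincipalName, IPAddress, LocationDetails, AppDisplayName) are the standard Sentinel schema; the lookback window and the threshold of 10 distinct failed accounts are assumed values chosen for illustration and should be tuned to the tenant's baseline.

```kql
// Added example (not from the posting). Assumed tuning values:
let lookback = 1h;             // assumed analytics-rule lookback
let failure_threshold = 10;    // assumed: distinct accounts failing from one IP
// Step 1: aggregate failed sign-ins per source IP.
// ResultType is a string column; "0" means success, anything else is a failure code.
let failures = SigninLogs
    | where TimeGenerated > ago(lookback)
    | where ResultType != "0"
    | summarize
        FailedAccounts = dcount(UserPrincipalName),
        FailedUsers    = make_set(UserPrincipalName, 50),
        FailureCodes   = make_set(ResultType, 20),
        FirstFail      = min(TimeGenerated),
        LastFail       = max(TimeGenerated)
      by IPAddress
    | where FailedAccounts >= failure_threshold;
// Step 2: successful sign-ins in the same window, with the dynamic
// LocationDetails column parsed into plain fields (item 4: data mapping).
let successes = SigninLogs
    | where TimeGenerated > ago(lookback)
    | where ResultType == "0"
    | extend Country = tostring(LocationDetails.countryOrRegion),
             City    = tostring(LocationDetails.city)
    | project SuccessTime = TimeGenerated, IPAddress,
              SuccessUser = UserPrincipalName, AppDisplayName, Country, City;
// Step 3: join on source IP and keep only successes that follow the failures.
failures
| join kind=inner successes on IPAddress
| where SuccessTime > LastFail
| project SuccessTime, IPAddress, SuccessUser, AppDisplayName, Country, City,
          FailedAccounts, FailedUsers, FailureCodes, FirstFail, LastFail
| order by SuccessTime desc
```

Because the first two stages filter on TimeGenerated before joining and the join key is a single column, the query stays cheap on large tenants (item 5); entity mapping in the analytics rule would map SuccessUser to the Account entity and IPAddress to the IP entity so the resulting incident carries both for investigation.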
As an Azure Sentinel Developer specialising in KQL, your role will draw on deep expertise in security analytics and on using KQL effectively to uncover and mitigate security threats. Keep in mind that the security landscape is dynamic, so a commitment to continuous learning and adaptation is crucial to excel in this field.
Enquiries to hr@ie-cms.com
To apply for this job email your details to andyez@ie-cms.com.