Cyber Security Teamlead

What success looks like in this role:

• Strong background developing Azure Sentinel analytics rules, incidents, playbooks, notebooks, workbooks, threat hunting within the Azure Cloud. Strong and demonstrated background working with Log Analytics Workspaces, Kusto Query Language (KQL), Dashboard\workbook development. Strong understanding of Azure PaaS services.
• Solid experience with Logic Apps in Azure.
• Experience in Creation of Resource groups, Log analytics workspace for Azure Sentinel, Integration to Data sources
• Understanding of Azure Lighthouse, Azure AD, B2B, and common Cloud authentication patterns. Ability to configure, automate, harden, and deploy Azure Sentinel Services.
• Hands-on experience with Sentinel SIEM usecase creation and fine tuning
• Understanding of various security tools and platforms like Microsoft Defender ATP, Office ATP etc.
• Strong understanding of Cloud Security and Networking Concepts and practices.
• Work with Tactical Use Case Development team to assist in processing the more intricate use case development tickets from our customer request queue.
• Experience with methodologies and tools, for threat analysis of complex systems, such as threat modeling
• Ability to learn and retain new skills in a changing technical environment.
• Onboarding new client to SOC environment.
• Log collector onboarding/off boarding for Microsoft Azure sentinel.
• New Device type/event source onboarding
• Co-ordinate with clients and other stake holders
• Log quality checks for any new device onboarding
• Keep SECOPS Enterprise Manager up to date with the latest event source onboarding/offboarding.
• Plan and support Defender for Endpoints onboarding/offboarding.
• Support Engineering team in any new onboarding projects.
• Work as a bridge between clients and SOC for any new onboarding request and co-ordinate with teams internal to SOC as well as outside to deliver the requirement.
• Support in creation of the process and help in rolling out of any new tool/technology across the globe.
• Make sure any new product or tool lands to operations team
• Provide Weekly Onboarding reports.
• Collaborate with stake holders and peers across the globe through emails or phone call when needed.

You will be successful in this role if you have:

• University degree or equivalent education with relevant experience.
• 8-10 years of total experience including security domain with exposure to Security Products
• 2-3 years professional experience maintaining sentinel SIEM
• Excellent verbal and written communication skills.
• Ability to participate in on-call support
• Willingness to learn new technology platforms
• Preferred Qualifications: SIEM Experience, Vulnerability Management, Recognized network and security certifications, Security+, CEH, ECIH, GCIH, GCIE etc.
• Experience on other SIEM tools like LogRhythm, Securonix, Splunk etc.
• Certification on the respective tool is added advantage

Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age, blood type, caste, citizenship, color, disability, family medical history, family status, ethnicity, gender, gender expression, gender identity, genetic information, marital status, national origin, parental status, pregnancy, race, religion, sex, sexual orientation, transgender status, veteran status or any other category protected by law.

This commitment includes our efforts to provide for all those who seek to express interest in employment the opportunity to participate without barriers. If you are a US job seeker unable to review the job opportunities herein, or cannot otherwise complete your expression of interest, without additional assistance and would like to discuss a request for reasonable accommodation, please contact our Global Recruiting organization at GlobalRecruiting@unisys.com or alternatively Toll Free: 888-560-1782 (Prompt 4).  US job seekers can find more information about Unisys’  EEO commitment here.