Job Description: Remote Microsoft Sentinel SIEM EngineerPosition Title: Remote Microsoft Sentinel SIEM EngineerCompany: Mfinite Consulting LLCLocation: RemoteEmployment Type: Full-TimeEducational Requirements:BA/BS degree in Computer Science, Business Management, or an IT-related field.Preferred Qualifications:Three (3) years of experience with Azure Sentinel.Three (3) years of experience with Kusto Query Language.One (1) year of experience in Information Security.Active Microsoft Security Operations Analyst Associate certification.Scope of Work:The Microsoft Sentinel SIEM Engineer will be responsible for designing, implementing, and managing the Microsoft Sentinel SIEM solution to collect, analyze, and visualize data from various sources within the Judiciary. This role involves managing the SIEM environment, creating dashboards, and ensuring effective use of SIEM's capabilities to monitor, detect, and respond to security threats and operational insights for the consumption of Security Analysts.Essential Functions:

• SIEM Configuration:Design and deploy SIEM resources, including configuring analytics rules, playbooks, Azure logic apps, and data connectors to support data collection and analysis needs.Optimize SIEM configurations to ensure efficient data storage, retrieval, and search capabilities.
• Data Collection and Integration:Collaborate with system owners to identify available data sources and drive initiatives to ingest system data.Develop data ingestion strategies, create data inputs, and set up data source integration for various log and event data types.Design and implement data normalization and transformation processes for consistent and accurate analysis.
• Dashboard and Visualization Development:Design and create interactive dashboards, reports, and visualizations using SIEM's capabilities.Present data insights in a clear and actionable manner to support decision-making processes.Develop data visuals for SOC display screens.
• Search, Queries, and Alerts:Develop and optimize analytics rules and alert mechanisms to proactively monitor for security threats, anomalies, and operational issues.Configure alerts to trigger automated responses or notifications based on predefined criteria.
• SIEM App Development:Build custom SIEM apps and add-ons to extend functionality and support specific agency requirements.Collaborate with development teams to integrate SIEM with other systems and tools.
• Security and Compliance:Implement security controls and best practices to protect data stored in SIEM and ensure compliance with relevant regulations and standards.Monitor and analyze security-related events to detect and respond to potential threats.
• Performance Optimization:Monitor system performance and troubleshoot issues related to data indexing, search performance, and resource utilization.Implement optimizations to enhance SIEM's efficiency and responsiveness.
• Training and Documentation:Provide training and guidance to other JIS SOC team members on Microsoft Sentinel best practices, usage, and administration.Create documentation for configurations, processes, and troubleshooting.Application Process:Interested candidates are invited to submit their resume and a cover letter detailing their qualifications and experience.