- Excellent knowledge of one of the SIEM products, Azure Sentinel
- Conduct detailed analytical queries and investigations; identify areas that require specific attention; identify indicators of compromise (IOC) or events of interest (EOI) that need further investigation; and develop use cases and rules to be built into the SIEM (Azure Sentinel) platform
- Understanding and working knowledge of IPS platforms
- Good knowledge of cloud, especially Azure
- Experience of building Azure Sentinel is a must
- Knowledge of network technologies and Windows and Unix administration
- Knowledge of typical security devices such as firewalls, intrusion detection systems, AV and endpoint security, web application firewalls, anti-spam systems, event correlation systems, etc.
- Azure Sentinel