About Occam: Founded in 2004, Occam Solutions is a leader in Data Science, Software Development, and Mission Support services to both the civilian and defense sectors of the US government. We provide thought leadership, technical resources, and know-how leveraging in-depth industry experiences to provide simple and effective solutions.

Occam Solutions is hiring for a Microsoft Sentinel Architect for Tampa, FL. This position is hybrid, offering 2 days of remote work and 3 days of working onsite.

Responsibilities:
• Be the technical solution for Microsoft Sentinel Optimization Services.
• A proposed process and policy development to support the implementation and training of the Microsoft Sentinel Optimization Services (Are they working on the processes/policy?)
• Assisting security managers with answering integrating ISSE questions pertaining to Acceptable Risk Management (RMF) package.
• Develop user training on Microsoft Sentinel Optimization Services and provide hands-on training to Government personnel.
• Transition the maintenance and data of Microsoft Sentinel Optimization Services.
• Management of the Microsoft Sentinel SIEM which may include:
  o Tuning and optimization of Azure Sentinel Baseline and Analytical Detection Rules.
  o Enabling and configuring Microsoft Sentinel data connectors for native tools.
• Performance and cost metrics monthly reports which include:
  o Log source volume and data types ingested.
  o Recommended modifications to existing data sources to optimize data ingestion costs and security relevance/importance of log data being ingested.
  o Overall cost attributed to Microsoft Sentinel ingest.
• Quarterly cyber readiness reviews to review overall protection, detection, response capabilities, and program hygiene.
• Provide a deep-dive session to review any findings from the initial Sentinel analysis and introduce additional value propositions.
• Architectural documentation displaying all connector inputs to Microsoft Sentinel.
• Assessment of existing endpoint protection technologies and their integration into Microsoft Sentinel.
• Repository of Microsoft Sentinel ingest requests.
• Establish a Lighthouse connection between DISA and the customer.
• Formal Administrator acceptance brief, knowledge transfer, and transition plan.

Knowledge needed to be successful in this role:
* Know how information moves across the system from one application to another.
* Have strong expertise in engineering, data architecture, testing, and solution deployments including understanding how systems interact with technical architectures.
* Have the ability to easily publish and share data with other applications and data architects design database systems.
* Possess the ability to create and organize large bits of information.
* Have the knowledge to produce methodologies within the data framework to maintain the consistency and accuracy of the data.
* Must be able to produce/design data models that represent the structure of data within the data framework.

Requirements:
* Expert in Microsoft Sentinel Optimization Services
* Must have experience in management of the Microsoft Sentinel SIEM
* Well-versed in AQL query, MDI, and Cloud Applications
* TS/SCI
* CompTIA SEC+ and other required IAW DOD 8570
* Must be able to produce/design data models that represent the structure of data within the data framework.
* Must have strong expertise in engineering, data architecture, testing, and solution deployments including understanding how systems interact with technical architectures.