Microsoft Sentinel Architect - Tampa, United States - Occam Solutions

Description

Job Description

About Occam:

Founded in 2004, Occam Solutions is a leader in Data Science, Software Development, and Mission Support services to the both the civilian and defense sectors of the US government. We provide thought leadership, technical resources, and know-how leveraging in-depth industry experiences to provide simple and effective solutions.

Occam Solutions is hiring for a Microsoft Sentinel Architect for Tampa, FL. This position is hybrid, offering 2 days of remote work and 3 days of working onsite.

Responsibilities:

• Be the technical solution for Microsoft Sentinel Optimization Services.

• A proposed process and policy development to support the implementation and training of the Microsoft Sentinel Optimization Services (Are they working on the processes/policy?

• Assisting security managers with answering integrating ISSE questions pertaining to Acceptable Risk Management (RMF) package.

• Develop user training on Microsoft Sentinel Optimization Services and provide hands-on training to Government personnel.

• Transition the maintenance and data of Microsoft Sentinel Optimization Services.

• Management of the Microsoft Sentinel SIEM which may include:
o Tuning and optimization of Azure Sentinel Baseline and Analytical Detection Rules.
o Enabling and configuring Microsoft Sentinel data connectors for native tools.

• Performance and cost metrics monthly reports which include:
o Log source volume and data types ingested.
o Recommended modifications to existing data sources to optimize data ingestion costs and security relevance/importance of log data being ingested.
o Overall cost attributed to Microsoft Sentinel ingest.

• Quarterly cyber readiness reviews to review overall protection, detection, response capabilities, and program hygiene.

• Provide a deep-dive session to review any findings from the initial Sentinel analysis and introduce additional value propositions.

• Architectural documentation displaying all connector inputs to Microsoft Sentinel.

• Assessment of existing endpoint protection technologies and their integration into Microsoft Sentinel.

• Repository of Microsoft Sentinel ingest requests.

• Establish a Lighthouse connection between DISA and the customer.

• Formal Administrator acceptance brief, knowledge transfer, and transition plan.

Knowledge needed to be successful in this role:

• Know how information moves across the system from one application to another.
• Have strong expertise in engineering, data architecture, testing, and solution deployments including understanding how systems interact with technical architectures.
• Have the ability to easily publish and share data with other applications and data architects design database systems.
• Possess the ability to create and organize large bits of information.
• Have the knowledge to produce methodologies within the data framework to maintain the consistency and accuracy of the data.
• Must be able to produce/design data models that represent the structure of data within the data framework.

Requirements:

• Expert in Microsoft Sentinel Optimization Services
• Must have experience in management of the Microsoft Sentinel SIEM
• Well-versed in AQL query, MDI, and Cloud Applications
• TS/SCI
• CompTIA SEC+ and other required IAW DOD 8570
• Must be able to produce/design data models that represent the structure of data within the data framework.
• Must have strong expertise in engineering, data architecture, testing, and solution deployments including understanding how systems interact with technical architectures.