Azure Sentinel Identity Engineer

100% Remote

True Zero Technologies

True Zero specializes in creating cybersecurity programs and software solutions that enable agency leaders to run a proactive defense, with better intelligence and more efficient collaboration.


True Zero Technologies, a veteran-owned small business, was founded on the principle that the purposeful enablement of people and technology in an organization directly ties to the quality of its outcomes. True Zero recognizes that these outcomes begin and end with our people, and that is what we have built: a community of like-minded, driven, and passionate individuals and innovators who are aligned in a common goal of delivering top-tier services to our customers. In 2023, True Zero was recognized as a "Best Places to Work" in two categories ("Prosperous and Thriving" ($5MM – $50MM in gross revenue) and "Mid-Atlantic Region" (DC, DE, MD, NC, VA, WV)) and in 2022, was recognized as one of Inc. Magazine's Top 5000 Fastest Growing Companies.
We are seeking a detail-oriented Azure Sentinel Identity Engineer to enhance our cybersecurity team. The ideal candidate will specialize in utilizing Azure Sentinel, particularly its User and Entity Behavior Analytics (UEBA) functionality, to monitor and analyze user activities and detect anomalies. This role involves writing and troubleshooting KQL statements for effective data visualization, implementing Azure Sentinel logging and auditing within cloud infrastructures, and maintaining thorough documentation. The engineer will collaborate closely with team members and stakeholders to ensure clear communication and will develop workbooks and playbooks tailored to security and IT operations.

Key Responsibilities

  • Utilize KQL statements to create insightful data visualizations, focusing on user and entity behavior analytics to detect security threats.
  • Integrate and manage Azure Sentinel's logging and auditing capabilities to secure cloud infrastructure.
  • Develop and maintain detailed onboarding documentation for Azure Sentinel and its data sources, with a focus on UEBA features.
  • Collaborate effectively with team members and stakeholders to maintain clear and concise communication.
  • Design and upkeep Azure Sentinel workbooks and playbooks, incorporating user and entity behavior analytics to enhance threat detection and response.
  • Leverage threat intelligence feeds and build automated workflows tailored to various security scenarios.
  • Partner with analysts to develop incident response playbooks and strategies, incorporating insights from UBA.
  • Generate and adapt SIEM/SOAR use cases based on evolving customer requirements, ensuring seamless integration of new data sources and maintaining existing ones.
  • Scripting and automation using Bash and PowerShell to streamline security processes.
  • Conduct in-depth security investigations and provide training on investigative techniques, with a focus on user behavior analytics.

Qualifications

  • Minimum 5 years of related experience in the cyber security field and at least 2 years of Azure Sentinel experience.
  • Proven experience with Azure Sentinel, especially in deploying and utilizing its User and Entity Behavior Analytics (UEBA) functionality.
  • Strong scripting skills in Bash and PowerShell, with a background in creating and reviewing security scripts.
  • Demonstrable ability to perform comprehensive security investigations and to train personnel in these techniques.
  • Proficiency in managing AWS and Azure cloud environments.
  • Advanced skills in Python, in addition to Bash and PowerShell.
  • Active federal government-issued security clearance, or ability and willingness to submit to the clearance/background investigation process.
True Zero Technologies offers a competitive salary package for the right candidate, along with excellent benefits and opportunities for professional development. U.S. Citizenship is required.
We’re actively searching for talented security and technology practitioners who are ready to experience the True Zero difference. As a True Zero team member, you'll enjoy:
  • Competitive salary, paid twice per month
  • Best in class medical coverage
  • 100% of medical premiums covered by True Zero
  • Company wide new business incentive programs
  • Contribution Incentives (i.e. white papers, blog posts, internal webinars, etc.)
  • 3 weeks of PTO starting + 11 Paid Holidays Annually
  • 401k Program with 100% company match on the first 4%
  • Monthly reimbursement of Cell Phone and Home Internet costs
  • Paternity/Maternity Leave
  • Investment in training and certifications to broaden and deepen your technical skills

Tags: Analytics Audits Automation AWS Azure Bash Clearance Cloud Incident response PowerShell Python Scripting Security Clearance Sentinel SIEM SOAR Threat detection Threat intelligence

Perks/benefits: 401(k) matching Career development Competitive pay Health care Medical leave Parental leave

Region: Remote/Anywhere
