Job purpose: The role is a dedicated full-time DevSecOps Engineer to perform development, support and refinement activities within a Customers Azure Sentinel estate. To role will work closely with other project team members from ITC and in close alignment with the ITC SOC to ensure the continued high-fidelity nature of the MXDR Services delivered to the customer.
This role is an initial 6 month contract providing dedicated Sentinel support for an ITC Secure client.
Key interfaces: ITC Secure Customer, ITC Professional Services Teams, ITC SOC.

WE ARE LOOKING FOR SOMEONE WITH:

• The following certifications:
• COMPTIA Security+ (essential)
• Microsoft SC-200 (desirable)
• Microsoft AZ-500 (desirable)
• Microsoft MS-500 (desirable)
• Exposure working with a previous managed security provider or within an MSSP environment (desirable)
• Strong working knowledge of KQL (essential)
• Experience of using SOC tooling (SIEM and EDR solutions) (essential)
• Previous experience working within financial services (desirable)
• The ability to communicate fluently and confidently to a high standard in both written and verbal English (essential)
• Experience using ITSM tools (desirable)
• Knowledge and understanding of the phases in incident response and Cyber Kill Chain (desirable)
• Good blue/purple/red team experience (desirable)
  Working hours: Normal working hours are 8 hours a day, Monday – Friday.
  Working location: Hybrid working environment, with 2 days per week working in the Customer’s City of London office.
  This job description is intended to convey information essential to understanding the scope of the role and it is not intended to be an exhaustive list of skills, efforts, duties, responsibilities or working conditions associated with the position

• Sentinel Log Source development i.e. connectors
• Analytic rule development for new and existing log sources – example log sources include Fortinet, Citrix, ForcePoint One
• Use Case development
• Working in collaboration with the Customer and with other ITC resources supporting the Customer
• Will be a dedicated resource for ITC Secure end customer.