Role: 10+ years of experience in Cyber security Designing & implementation of Security Agents, Development, Security agent migration, Physical Security exploitation and design flaw addressment & Endpoint Security.,

• Configure & ensure availability of required logs into Sentinel (such as EDR, Qualys, Firewalls etc)
• EDR Deployment Planning: Assess the lab infrastructure and endpoints to determine deployment scope and strategy.
• Plan for agent installation, network requirements, and compatibility with existing systems.
• Deploy Falcon agents on chosen relevant endpoints
• Tune settings to minimize false positives while maintaining strong security posture
• Work with SOC consultant to configure alert rules and incident response workflows in Sentinel based on CrowdStrike telemetry
• Simulate endpoint threats to validate EDR detection and SIEM alerting.
• Test Crowd strikes performance against the OT security visibility and threat protection use cases.
• Set up data connectors between CrowdStrike and Sentinel using APIs or native integrations.
• Documentation & reporting: Document deployment steps, configurations and integration details., Role: 10+ years of experience in Cyber security Designing & implementation on Network Security, SIEM, SOAR & Threat Intelligence., Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response.
• Log Source Integration Configure and onboard diverse log sources including Nozomi Networks, Firewalls, EDR (eg, Defender for Endpoint), VMDR (eg, Qualys), and other OT/IT systems into Sentinel.
• Custom Analytics & Detection Rules Develop, and fine-tune KQL-based analytics rules tailored to OT threat scenarios, ensuring high-fidelity alerts and minimal false positives.
• Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and contextualize alerts within the OT landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events.
• Execution of the use cases on SIEM, SOAR & Threat Intelligence
• Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics.