Remote Junior Azure Sentinel Operations Analyst at Accenture Federal Services
Accenture Federal Services · Arlington, United States Of America · Remote
- Junior
Join Accenture Federal Services, a technology company and part of global Accenture, to do work that matters in a collaborative and caring community, where you feel like you belong and are empowered to grow, learn and thrive through hands-on experience, certifications, industry training and more.
Join us to drive positive, lasting change that moves missions and the government forward!
As an Azure Sentinel Operations Analyst you will be tasked with the critical role of supporting the day-to-day management of robust Azure Cloud infrastructure solutions, with a particular focus on supporting the infrastructure for a Microsoft Sentinel and Microsoft Defender XDR implementation on behalf of a SOC and CIRT team. Your expertise in Microsoft Sentinel will be pivotal as you navigate the complexities of managing the requirements from our stakeholders and translating them into actionable infrastructure tasks.
To excel in this role, you should bring a wealth of experience in operating complex SIEM solutions at an enterprise level. Your background should demonstrate a successful track record of working in a cross-team, matrixed environment to operate and support the infrastructure for comprehensive SIEM solutions. Your ability to communicate effectively and translate technical requirements into actionable strategies will be key to your success.
The work:
- Leverage native Microsoft Azure technologies including Azure Sentinel, Defender XDR, Azure Log Analytics, Azure Monitor, and Azure Policy to support a NIST 800-171-compliant SIEM environment
- Operations and support of the SIEM solution itself, requiring hands-on experience with Sentinel Data Connectors, both native and custom
- Manage, maintain, and operate an Enterprise Level SIEM solution for AFS IT, ensuring its effectiveness and efficiency
- Work collaboratively with Application Owners, the Security Operations Center (SOC), the Computer Incident Response Team (CIRT), and other stakeholders; this collaboration will be vital in developing and maintaining this SIEM solution
Here's what you need:
- US Citizen
- 1+ year of hands-on experience managing, maintaining, and operating Microsoft Azure Sentinel
- 1+ year of experience with Microsoft Azure
- Ability to be on call as needed
Bonus points if you have:
- 1+ year of experience with Infrastructure as Code (IaC) (ARM, Bicep, Terraform preferred)
- Experience implementing both native Sentinel data connectors as well as custom connectors using REST API, Logs Ingestion API, CEF, Syslog, Azure Functions, and Custom Logs
- Exposure to Microsoft Defender XDR
- Experience with Azure DCR (data collection rules), Azure Monitor, Azure Monitoring Agent, Azure Policy, Azure Log Analytics, Azure Alerts, Kusto Query Language, User & Entity Behavior Analytics (UEBA), Analytic Rules, and Monitoring Workbooks to support a Microsoft Sentinel implementation
- Experience being involved in workstreams where you are an active contributor and can speak to the progress and results of assigned tasks
- Azure Administrator and/or Architecture Certification
- Azure Security Engineer Associate Certification
- Experience migrating Splunk to Sentinel
- Experience with security compliance and NIST 800-171
- Enjoy learning new technologies quickly and staying up to date on cloud technology
As required by local law, Accenture Federal Services provides reasonable ranges of compensation for hired roles based on labor costs in the states of California, Colorado, Hawaii, Illinois, Maryland, Minnesota, New Jersey, New York, Washington, Vermont, and the District of Columbia. The base pay range for this position in these locations is shown below. Compensation for roles at Accenture Federal Services varies depending on a wide array of factors, including but not limited to office location, role, skill set and level of experience. Accenture Federal Services offers a wide variety of benefits. You can find more information on benefits here. We accept applications on an ongoing basis and there is no fixed deadline to apply.