Position: Digital Forensic Analyst

Location: Mumbai

Duration: Contract to Hire

1. Threat Hunting on Azure Sentinel:

a. Correlating data across different tables using KQL

b. Analysis of Microsoft Entra ID events (SigninLogs, Risky users)

c. Analysis of AzureActivity, AuditLogs..

2. Usecase/Dashboard creation and fine-tuning

across multiple consoles.

3. Incident Analysis/RCA

• Investigation and analysis of complex security incidents to determine root cause, attack progression, remediation steps.

• Perform advanced analysis and tuning of SIEM detection and correlation rules across platforms such as Microsoft Sentinel, LogRhythm, and Palo Alto XSIAM.

• Conduct deep-dive log analysis to identify advanced indicators of compromise (IOCs) and attacker techniques across endpoint, network, cloud, and identity logs.

• Execute advanced triage, validation, and investigation of alerts from Microsof...