Position: Digital Forensic Analyst
Location: Mumbai
Duration: Contract to Hire

1. Threat Hunting on Azure Sentinel:
a. Correlating data across different tables using KQL
b. Analysis of Microsoft Entra ID events (SigninLogs, Risky users)
c. Analysis of AzureActivity, AuditLogs..
2. Usecase/Dashboard creation and fine-tuning
across multiple consoles.
3. Incident Analysis/RCA
• Investigation and analysis of complex security incidents to determine root cause, attack progression, remediation steps.
• Perform advanced analysis and tuning of SIEM detection and correlation rules across platforms such as Microsoft Sentinel, LogRhythm, and Palo Alto XSIAM.
• Conduct deep-dive log analysis to identify advanced indicators of compromise (IOCs) and attacker techniques across endpoint, network, cloud, and identity logs.
• Execute advanced triage, validation, and investigation of alerts from Microsoft Sentinel, Microsoft Defender XDR, GCP, and other integra...