Overview
The Microsoft Sentinel Solution Architect will engage in a strategic architecture review and optimisation programme for an enterprise client's Microsoft Sentinel deployment. As part of a focused six-week contract, the architect will assess the current architecture, monitoring coverage, and integration model, working closely with the client’s Product Owner and Security Architect to provide practical recommendations for enhancing the security monitoring capability.
Responsibilities
- Provide hands-on expertise in Microsoft Sentinel solution architecture during the engagement.
- Collaborate with the client’s Product Owner, Security Architect, and stakeholders to evaluate the existing design.
- Review the architecture, use cases, integration strategies, and security monitoring processes.
- Identify risks, constraints, gaps, and opportunities for improvement across the platform.
- Develop actionable recommendations and a prioritised roadmap to enhance security monitoring.
- Support architecture governance and aid in decision-making activities.
Requirements
- Proven experience in Microsoft Sentinel Solution Architecture in large enterprise environments.
- Deep knowledge of SIEM architecture, security monitoring, and detection engineering.
- Experience in optimising Sentinel workspace designs and analytics rules, including KQL and automation tools.
- Strong understanding of the Microsoft security ecosystem, including Defender and Azure services.
- Ability to integrate Sentinel with various platforms and evaluate monitoring use cases.
- Experience in architecture governance and in producing decision papers and recommendations.