imec logo
Contact
CMOS: advanced and beyond
Discover why imec is the premier R&D center for advanced logic & memory devices.
Integrated photonics
Take a look at technologies for optical transceivers, sensors and more.
Health technologies
See how imec brings the power of chip technology to the world of healthcare.
Sensing and actuation
Explore imec’s CMOS- and photonics-based sensing and actuation systems.
Connectivity technology
Look into our reliable, high-performance, low-power network technologies.
More expertises
Discover all our expertises.
Research
Be the first to reap the benefits of imec’s research by joining one of our programs or starting an exclusive bilateral collaboration.
Foundry services
Build on our expertise for the design, prototyping and low-volume manufacturing of your innovative nanotech components and products.
Venturing and startups
Kick-start your business. Launch or expand your tech company by drawing on the funds and knowhow of imec’s ecosystem of tailored venturing support.
Education and workforce development
Imec supports formal and on-the-job training for a range of careers in semiconductors.
NanoIC pilot line
Aligned with the EU Chips Act, access to the pilot line will accelerate beyond-2nm innovation.
Semiconductor technology
Life sciences and health solutions
Data and telecommunication
Automotive technologies
Robotics technology for Industry 4.0
More applications
/Microsoft Sentinel Development Environment Setup

Microsoft Sentinel Development Environment Setup

Internship/thesis - Leuven | Just now

Design and Deployment of a Development & Testing Environment for Microsoft Sentinel. 

Apply

Internship Objective 

To provide hands-on experience in cloud-based SIEM (Security Information and Event Management) technologies by designing and deploying a fully independent Microsoft Sentinel instance for development and testing purposes. The environment will support SOC Engineering use cases and enable automation, integration, and CI/CD workflows aligned with internal policies and naming conventions. 

Scope of Work 

1. Environment Setup 

  • Deploy a new Microsoft Sentinel instance in a dedicated Azure subscription or resource group, fully isolated from the production environment. 
  • Ensure the environment is easy to maintain, scalable, documented and cost-effective. 
  • Apply internal naming conventions and policy compliance from the start. 

2. Access Control 

  • Implement Role-Based Access Control (RBAC) tailored for SOC Engineering roles. 
  • Ensure least privilege principles and auditability. 

3. Integration with Existing Infrastructure 

  • Connect the Sentinel instance to an existing Logstash server in the development environment. 
  • Validate data ingestion and parsing using custom schemas if needed. 

4. Playbooks and Automation 

  • Develop and test Log Analytics playbooks for common SOC use cases (e.g., alert enrichment, incident tagging). 
  • Create automation playbooks using: 
    • Azure Logic Apps for workflow orchestration. 
    • Azure Function Apps for custom logic and lightweight automation. 

5. CI/CD and Content Management 

  • Set up CI/CD pipelines using GitHub or Azure DevOps to manage: 
    • Sentinel analytics rules 
    • Workbooks 
    • Playbooks 
    • Function App code 
  • Ensure version control, peer review workflows, and automated deployment to the dev Sentinel instance. 

Deliverables 

  • Fully operational Microsoft Sentinel dev instance. 
  • Documented RBAC model and access policies. 
  • Working integration with Logstash. 
  • At least 3 Log Analytics playbooks and 2 automation playbooks. 
  • CI/CD pipeline with sample content deployment. 
  • Final report and presentation summarizing the setup, challenges, and learnings. 

Candidate Profile 

  • Bachelor student in CyberSecurity or related field. 
  • Familiarity with Azure, SIEM concepts, and scripting (PowerShell, Python). 
  • Interest in SOC operations and automation. 

Duration 

8–12 weeks, full-time or part-time depending on academic schedule. 

Mentorship & Support 

Supervision by SOC Engineering team.

 

Bachelor's program/required background: Computer Science, Cybersecurity

Language requirements: English

Type of Project: Internship

Mentor: Andy Wouters 

For more information or application, please contact the sypervising scientist Andy Wouters (andy.wouters@imec.be).

 

Apply
Who we are
Accept analytics-cookies to view this content.
imec's cleanroom
Accept analytics-cookies to view this content.

Explore our other vacancies

Electrical characterization test engineer

Join our characterization team to test the most advanced neural probes for brain research.

Technology Demonstrator Chip Architect

At the heart of imec’s Connectivity Pathfinding (COP) department, the Demonstrator Architect (DEAR) unit leads the charge in redefining chiplet connectivity for next-generation AI, HPC, and Automotive systems, pioneering Chip Architectures for an interconnected future.

Senior High-Speed Photonics Device Technical Lead

Join the Photonic device group to lead technically the development of novel high-speed optical transceivers.

Optimizing dummy dispense and process consumption of chemicals

Improve the consumption and linked cost of chemicals in the litho process. 

Venture Acceleration Manager imec.istart Spain

As venture acceleration manager, you are the coach and advisor to a portfolio of startups and scaleups supported by imec.istart. You interact with the different stakeholders of the imec.istart community and help spread our entrepreneurial message.

Technische Bachelors

Je bent verantwoordelijk voor de coördinatie en parttime werking van hightech apparatuur in de cleanroom. Samen met je collega's bewaak je de kwaliteit van de productiestappen en zorg je ervoor dat de doelstellingen voor cyclustijd, kwaliteit, veiligheid en volume worden gehaald.
Job opportunities

Send this job to your email