Associate Principal Cybersecurity Analyst
Associate Principal Cybersecurity Analyst
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
What success looks like in this role:
We are seeking an experienced Sentinel Implementation Architect to lead the design deployment and optimization of Microsoft Sentinel SIEM solutions across our SOC environment. This role requires deep technical expertise in SIEM architecture handson implementation experience with Sentinel and its integrations and a strong understanding of security operations log management and threat detection.
Key Responsibilities:
Design scalable and secure Sentinel architecture based on organizational requirements.
Define log collection strategies retention policies and data pipelines using Azurenative tools.
Plan and implement Sentinel workspaces across multitenant or multiregion environments.
Lead the onboarding of various log sources (cloud onprem thirdparty) into Microsoft Sentinel.
Integrate Microsoft Defender XDR Azure Arc custom data connectors and threat intelligence feeds.
Configure and optimize Sentinel analytics rules Fusion rules and custom detections.
Design and implement SOAR playbooks using Azure Logic Apps for incident response automation.
Collaborate with SOC teams to build response workflows and ensure endtoend alert handling.
Continuously monitor platform health ingestion performance and rule effectiveness.
Tune analytic rules to reduce false positives and improve detection accuracy.
Provide guidance on cost optimization and workspace governance.
Work closely with SOC analysts incident responders threat hunters and IT teams.
Document architectural decisions integration guides and best practices.
Support audit compliance and reporting requirements through structured logging and retention.
You will be successful in this role if you have:
Required Skills & Qualifications:
8 years of experience in cybersecurity with at least 3 years in Sentinel platform implementation.
Proven experience in Microsoft Sentinel implementation architecture and administration.
Strong expertise in Kusto Query Language (KQL) and Azure Logic Apps.
Familiarity with Defender for Endpoint Microsoft 365 Defender and Azure security tools.
Solid understanding of log formats threat detection and incident response workflows.
Experience with SOAR design and automation use cases.
Relevant certifications are a plus (e.g. SC200 SC100 AZ500).
Preferred Qualifications:
Experience with multitenant Sentinel deployments or MSSP environments.
Working knowledge of other SIEMs (Splunk Securonix etc.) is an added advantage.
Exposure to compliance standards (ISO 27001 NIST SOC 2).
Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age blood type caste citizenship color disability family medical history family status ethnicity gender gender expression gender identity genetic information marital status national origin parental status pregnancy race religion sex sexual orientation transgender status veteran status or any other category protected by law.
This commitment includes our efforts to provide for all those who seek to express interest in employment the opportunity to participate without barriers. If you are a US job seeker unable to review the job opportunities herein or cannot otherwise complete your expression of interest without additional assistance and would like to discuss a request for reasonable accommodation please contact our Global Recruiting organization at or alternatively Toll Free:(Prompt 4). US job seekers can find more information about Unisys EEO commitment here.
Required Experience:
Staff IC
Employment Type
Full-Time
