Job Title: Microsoft Sentinel Engineer (Cloud Security SOAR UEBA)
Location: Austin TX (Onsite -Local Candidates only)
We are currently seeking candidates who meet the following qualifications:
Mandatory Qualifications
- Bachelor's degree from an accredited college or university in Computer Science, Information Systems, Software Engineering, Cybersecurity, or a related field.
- Hands-on experience in software development, cloud engineering, SIEM engineering, or cybersecurity engineering.
- Strong knowledge of Microsoft Sentinel architecture and its SOAR and UEBA capabilities.
- Proficiency with Azure services including Logic Apps, Azure Functions, Event Hubs, Key Vault, and Azure Active Directory (now Microsoft Entra ID).
- Experience with security operations processes such as threat detection, alert triage, and incident response.
- Strong KQL skills for analytics, hunting, and behavioral detection.
- Proficiency in programming, scripting, and query languages such as Python, PowerShell, C#, JavaScript, or KQL.
- Experience with API integrations and with JSON and YAML formats.
- Ability to work independently, manage multiple priorities, and meet deadlines.
Preferred Qualifications
- Hands-on experience developing and managing Microsoft Sentinel solutions.
- Experience designing UEBA models anomaly detection rules and behavior-based analytics.
- Experience building and maintaining Sentinel SOAR automation playbooks.
- Microsoft security and Azure certifications such as SC-200, AZ-900, AZ-104, SC-100, or SC-300.
- Experience integrating Sentinel with EDR, IAM, firewall solutions, and ticketing systems.
- Familiarity with DevOps practices, CI/CD pipelines, and Git-based version control tools.
- Knowledge of MITRE ATT&CK, NIST CSF, and Zero Trust Architecture.
- Experience working in government, healthcare, or other regulated environments.
- Strong written and verbal communication skills, with the ability to explain technical concepts to non-technical audiences.
Responsibilities
Microsoft Sentinel SOAR Development
- Design, develop, test, and deploy Microsoft Sentinel automation playbooks using Azure Logic Apps, Azure Functions, ARM templates, and REST APIs.
- Build automated workflows for alert enrichment, triage, response actions, notifications, and case management.
- Integrate Sentinel with third-party security and IT systems such as EDR, IAM, ticketing platforms, email gateways, and firewalls.
UEBA & Analytics Engineering
- Develop custom UEBA detection rules, anomaly detection models, machine-learning-based behavior patterns, and advanced hunting queries using KQL.
- Create and maintain analytics content, data parsers, normalization rules, and entity behavior profiles.
- Evaluate behavioral anomalies and collaborate with cybersecurity teams to fine-tune and enhance detection logic.
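The kind of KQL behavioral detection this section describes, shown here as an added example that is not part of the job posting: a "first-seen sign-in country" rule that baselines each account over 14 days and flags successful sign-ins from a country outside that baseline. It assumes Microsoft Entra ID sign-in logs are ingested into the workspace as the SigninLogs table via the built-in connector; the window lengths and the 20-element caps on the collected sets are arbitrary choices for illustration.

```kql
// Added example, not part of the job posting: a behavioral detection in KQL.
// Assumes Microsoft Entra ID sign-in logs are ingested into the Sentinel
// workspace as the SigninLogs table (the built-in Entra ID connector schema).
// Logic: build a 14-day baseline of countries each account has successfully
// signed in from, then flag successful sign-ins in the last day from a country
// not in that account's baseline. Accounts with no baseline are dropped by the
// inner join, so brand-new users do not flood the queue on their first day.
let baseline_window = 14d;
let detection_window = 1d;
let known_countries = SigninLogs
    | where TimeGenerated between (ago(baseline_window + detection_window) .. ago(detection_window))
    | where ResultType == "0"                       // successful sign-ins only
    | extend Country = tostring(LocationDetails.countryOrRegion)
    | where isnotempty(Country)
    | summarize KnownCountries = make_set(Country) by UserPrincipalName;
SigninLogs
| where TimeGenerated > ago(detection_window)
| where ResultType == "0"
| extend Country = tostring(LocationDetails.countryOrRegion)
| where isnotempty(Country)
| join kind=inner (known_countries) on UserPrincipalName
| where not(set_has_element(KnownCountries, Country))  // country not in baseline
| summarize FirstSeen = min(TimeGenerated),
            LastSeen = max(TimeGenerated),
            SignInCount = count(),
            SourceIPs = make_set(IPAddress, 20),
            Apps = make_set(AppDisplayName, 20)
    by UserPrincipalName, NewCountry = Country, KnownCountries
| order by FirstSeen asc
```

When saved as a scheduled analytics rule, set the rule's run frequency and lookup period to match detection_window so each sign-in is evaluated once, map UserPrincipalName and the SourceIPs set to the Account and IP entities so UEBA entity pages and incident grouping pick them up, and tag the rule with ATT&CK T1078 (Valid Accounts). Expect to tune it against corporate VPN or cloud-proxy egress locations and known travellers before it goes to the SOC queue; the baseline join is also where a legitimate relocation stops alerting after 14 days.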
SIEM Content Development & Platform Engineering
- Design and implement custom data connectors, ingestion pipelines, and data transformation processes.
- Develop dashboards, workbooks, hunting queries, and detection-as-code assets.
- Tune the platform to improve performance, reduce alert noise, and align detections with MITRE ATT&CK and Zero Trust principles.
Application Development & Integration
- Develop supporting code modules, scripts, microservices, and helper APIs using Python or similar languages.
- Support CI/CD workflows, DevOps pipelines, version control systems, and infrastructure-as-code practices.
Documentation Collaboration & Support
- Create technical design documentation, SOPs, architecture diagrams, and automation runbooks.
- Collaborate with internal security leadership, stakeholders, and cross-functional teams on requirements, testing, and deployments.
- Provide Tier III engineering support and participate in incident reviews and post-incident analysis.
If you meet these qualifications, please submit your application via the link provided on LinkedIn.
Please do not call the general line to submit your application.