Microsoft Sentinel SOAR Developer

Hill Country Project Management LLC

Job Location:

Austin, TX - USA

Monthly Salary: Not Disclosed

Posted on: 2 hours ago

Vacancies: 1 Vacancy

Job Summary

Austin Metro Residents Onl Closes 01/06
Loc: 100% Onsite - local candidates only

HHSChas issued a request for aMicrosoft Sentinel Engineerto develop SOAR automation playbooks UEBA detection rules and SIEM content for threat detection and response capabilities. Candidates must have at least 2 years of experience in software SIEM or cybersecurity and ideally hands-on experience with MS Sentinel and SOAR automation. While MS Sentinel experience is not one of their minimum requirements candidates meeting/exceeding this requirement will likely be selected over those without.

Responsibilities include (but are not limited to):

Automate security workflows using Azure Logic Apps and integrate with third-party systems for alert triage and incident response.
Build and tune behavioral analytics using KQL anomaly models and ML-based logic to identify threats.
Create custom connectors dashboards and data pipelines to enhance detection and visibility within Microsoft Sentinel.

Minimum Candidate Characteristics:

2 years in software development SIEM engineering or cybersecurity engineering roles
Bachelors degree in a related field

Exceptional Candidate Characteristics:

3 years working directly with Microsoft Sentinel
Experience developing UEBA rules anomaly models and behavior-based detections
Built and deployed custom connectors data parsers and dashboards
Worked in a DevOps environment using Git CI/CD pipelines (Azure DevOps GitHub)
Delivered projects in government healthcare or regulatory settings
Microsoft certifications (SC-200 AZ-104 SC-100/300)

SKILLS AND QUALIFICATIONS

Minimum Requirements: Candidates that do not meet or exceed the minimum stated requirements (skills/experience) will be displayed to customers but may not be chosen for this opportunity.
Years	Required/ Preferred	Experience
4	Required	Graduation from an accredited four-year college or university with major coursework in computer science computer information systems software engineering cybersecurity or a related field.
2	Required	Two (2) years of full-time experience in software development cloud engineering SIEM engineering or cybersecurity engineering.
2	Required	Two (2) years of full-time experience in software development cloud engineering SIEM engineering or cybersecurity engineering.
3	Preferred	Three (3) or more years of hands-on technical experience with Microsoft Sentinel.
1	Preferred	Experience developing UEBA models anomaly detection rules and behavior-based analytics.
1	Preferred	Experience building Security Automation Playbooks (SOAR).
1	Preferred	Microsoft certifications such as: SC-200: Security Operations Analyst AZ-900 / AZ-104 SC-100 / SC-300
1	Preferred	Experience integrating Sentinel with EDR IAM firewalls and ticketing systems.
1	Preferred	Experience with DevOps pipelines (GitHub Azure DevOps).
1	Preferred	Experience working in a government healthcare or regulatory environment.

Austin Metro Residents Onl Closes 01/06Loc: 100% Onsite - local candidates onlyHHSChas issued a request for aMicrosoft Sentinel Engineerto develop SOAR automation playbooks UEBA detection rules and SIEM content for threat detection and response capabilities. Candidates must have at least 2 years ...

Austin Metro Residents Onl Closes 01/06
Loc: 100% Onsite - local candidates only

Responsibilities include (but are not limited to):

Automate security workflows using Azure Logic Apps and integrate with third-party systems for alert triage and incident response.
Build and tune behavioral analytics using KQL anomaly models and ML-based logic to identify threats.
Create custom connectors dashboards and data pipelines to enhance detection and visibility within Microsoft Sentinel.

Minimum Candidate Characteristics:

2 years in software development SIEM engineering or cybersecurity engineering roles
Bachelors degree in a related field

Exceptional Candidate Characteristics:

3 years working directly with Microsoft Sentinel
Experience developing UEBA rules anomaly models and behavior-based detections
Built and deployed custom connectors data parsers and dashboards
Worked in a DevOps environment using Git CI/CD pipelines (Azure DevOps GitHub)
Delivered projects in government healthcare or regulatory settings
Microsoft certifications (SC-200 AZ-104 SC-100/300)

SKILLS AND QUALIFICATIONS

Minimum Requirements: Candidates that do not meet or exceed the minimum stated requirements (skills/experience) will be displayed to customers but may not be chosen for this opportunity.
Years	Required/ Preferred	Experience
4	Required	Graduation from an accredited four-year college or university with major coursework in computer science computer information systems software engineering cybersecurity or a related field.
2	Required	Two (2) years of full-time experience in software development cloud engineering SIEM engineering or cybersecurity engineering.
2	Required	Two (2) years of full-time experience in software development cloud engineering SIEM engineering or cybersecurity engineering.
3	Preferred	Three (3) or more years of hands-on technical experience with Microsoft Sentinel.
1	Preferred	Experience developing UEBA models anomaly detection rules and behavior-based analytics.
1	Preferred	Experience building Security Automation Playbooks (SOAR).
1	Preferred	Microsoft certifications such as: SC-200: Security Operations Analyst AZ-900 / AZ-104 SC-100 / SC-300
1	Preferred	Experience integrating Sentinel with EDR IAM firewalls and ticketing systems.
1	Preferred	Experience with DevOps pipelines (GitHub Azure DevOps).
1	Preferred	Experience working in a government healthcare or regulatory environment.