About the Company: We are Cyderes (Cyber Defense and Response), a global pure-play, full-lifecycle cyber security services provider. We help the world Be Everyday Ready.
Today's threatscape is relentless. So is Cyderes. We specialize in building practical IAM, exposure management and risk programs, and in stopping active threats fast with MDR that works with your existing security tools, all augmented by AI and driven by seasoned operators. Our tireless global team is laser-focused on cybersecurity, arming organizations with the people, platforms and perspectives they need to conquer whatever tomorrow throws their way.
About the Job: The Security Engineer II, Microsoft Sentinel & Defender XDR, plays a critical engineering role within Cyderes' Managed Sentinel SIEM and MDR services.
This role goes beyond basic platform administration. The Security Engineer II is responsible for detection engineering, platform optimization, onboarding lifecycle execution and Defender XDR integration. You will serve as a trusted technical resource to clients, ensuring their Microsoft security ecosystem is properly configured, optimized and continuously improving against evolving threats.
You will represent and reinforce the Cyderes brand through strong collaboration, professional communication and consistent delivery that meets or exceeds client expectations.
Responsibilities:
Platform Engineering & Administration
- Support intake process including coverage for Eastern Standard Time business hours as required
- Administer and maintain Microsoft Sentinel and Defender XDR environments across managed clients
- Perform health monitoring of:
  - Log ingestion pipelines
  - Data connector status
  - Automation playbooks
  - Analytics rule performance
- Monitor ingestion volumes and support cost optimization initiatives
- Assist in tenant standardization across multi-client MSSP environments
Log Source Onboarding & Integration
- Onboard new data sources into Microsoft Sentinel following established SOPs:
  - Validate connectivity
  - Confirm correct parsing and schema normalization
  - Ensure events are visible and queryable in Log Analytics
- Integrate Microsoft Defender data sources:
  - Defender for Endpoint
  - Defender for Identity
  - Defender for Office 365
  - Defender for Cloud Apps
- Validate data integrity and entity mapping
- Troubleshoot ingestion or connector issues across Azure and third-party integrations
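The health-monitoring and onboarding-validation duties above (connector status, ingestion volume, confirming a new source is visible and queryable) come down to one recurring check: is every expected table still receiving data, and what is it costing? The KQL below is an added illustration of that check, not Cyderes' own runbook content. It assumes a standard Log Analytics workspace with the built-in `Usage` table; the 6-hour staleness threshold and the 7-day lookback are assumed values that would be tuned per client.

```kql
// Per-table ingestion health for a Sentinel workspace (added example, not a Cyderes SOP).
// For each table: when the last event arrived, how many events landed in the
// last 24h, and the billable volume reported in Usage. A table that was flowing
// yesterday and is silent today is a connector or pipeline failure, not "quiet".
let lookback   = 7d;   // assumption: how far back to look for any activity
let stale_after = 6h;  // assumption: flag a table as STALE after this much silence
union withsource = TableName *
| where TimeGenerated > ago(lookback)
| summarize
    LastSeen      = max(TimeGenerated),
    EventsLast24h = countif(TimeGenerated > ago(1d))
    by TableName
| extend SilentFor = now() - LastSeen
| extend Status = case(
    SilentFor > stale_after, "STALE",       // was flowing, now silent
    EventsLast24h == 0,      "NO_DATA_24H", // nothing in the last day
                             "OK")
// Usage reports billable volume per DataType in MB; join it on the table name
// so cost review and health review use the same table list.
| join kind=leftouter (
    Usage
    | where TimeGenerated > ago(1d)
    | where IsBillable == true
    | summarize BillableMBLast24h = sum(Quantity) by TableName = DataType
  ) on TableName
| project TableName, Status, LastSeen, SilentFor, EventsLast24h, BillableMBLast24h
| order by Status asc, BillableMBLast24h desc
```

Two caveats a practitioner should keep in mind: `union *` scans every table and is expensive in a large workspace, so a production version of this should enumerate the tables each client is contracted to send (which doubles as the onboarding checklist), and `Usage` lags real ingestion by some hours, so the volume column is for trend and cost review, while `LastSeen` is the signal to page on.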
Detection Engineering & Use Case Development
- Develop and maintain analytics rules (Scheduled, NRT and Fusion)
- Create and tune detection logic using KQL
- Reduce false positives through structured tuning and rule refinement
- Map detections to the MITRE ATT&CK framework
- Improve alert fidelity and correlation between Defender XDR and Sentinel
- Maintain dashboards, workbooks and reporting artifacts
- Assist in building reusable hunting and detection libraries
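As an added example of the detection-engineering work described above (not a Cyderes rule or library entry), the scheduled analytics rule query below looks for a password-spray pattern in Entra ID sign-in telemetry: one source IP failing against many distinct accounts and then succeeding for one of them inside the same window. It uses the standard `SigninLogs` table, where `ResultType` is `"0"` on success. The threshold of 10 targeted accounts, the 1-hour window and the `KnownEgressIPs` watchlist (with an `IPAddress` column) are assumptions that would be tuned per tenant; the watchlist exclusion is the structured false-positive reduction step, since shared corporate egress addresses legitimately fail sign-ins for many users.

```kql
// Scheduled analytics rule: password spray followed by a successful sign-in from
// the same source IP (added example, not a Cyderes detection).
// ATT&CK mapping for the rule: Credential Access / T1110.003 (Password Spraying),
// with Initial Access / T1078 (Valid Accounts) once the success is observed.
// Entity mapping in the rule definition: IPAddress -> IP, CompromisedUPN -> Account.
let window       = 1h;   // assumption: rule runs hourly with a 1h lookback
let min_accounts = 10;   // assumption: tune per tenant size and baseline
// Assumed watchlist of corporate egress / proxy IPs that legitimately generate
// many failures from one address; excluding them is the main FP reduction.
let known_egress = _GetWatchlist('KnownEgressIPs') | project IPAddress;
let failures = SigninLogs
| where TimeGenerated > ago(window)
| where ResultType != "0"                       // any failure code
| where IPAddress !in (known_egress)
| summarize
    FailedAttempts   = count(),
    TargetedAccounts = dcount(UserPrincipalName),
    FirstFailure     = min(TimeGenerated),
    LastFailure      = max(TimeGenerated)
    by IPAddress
| where TargetedAccounts >= min_accounts;        // spray: breadth, not depth
let successes = SigninLogs
| where TimeGenerated > ago(window)
| where ResultType == "0"
| project IPAddress, SuccessTime = TimeGenerated,
          CompromisedUPN = UserPrincipalName, AppDisplayName;
failures
| join kind=inner successes on IPAddress
| where SuccessTime > FirstFailure               // success came after the spray began
| project IPAddress, TargetedAccounts, FailedAttempts, FirstFailure, LastFailure,
          CompromisedUPN, SuccessTime, AppDisplayName
```

The spray-only variant (the `failures` half without the join) is a lower-fidelity rule worth keeping at a lower severity; the joined version is the one that should page, because a success from a spraying IP is the point at which containment playbooks (user disablement, IP blocking) are justified rather than merely a tuning signal.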
Monitoring & Incident Support
- Monitor Sentinel and Defender XDR alerts
- Perform Tier 2 triage and investigation of escalated alerts
- Provide clear documentation and escalation to MDR/SOC teams
- Support root cause investigations for platform or telemetry issues
- Assist with containment automation where applicable
Automation & SOAR
- Develop and maintain Azure Logic App playbooks
- Automate response actions such as:
  - Device isolation
  - User disablement
  - IP blocking
  - Ticket creation
- Follow change management processes for configuration updates
- Test changes in lower environments when applicable
Documentation & Continuous Improvement
- Contribute to:
  - Runbooks
  - Standard operating procedures
  - Onboarding checklists
  - Detection documentation
- Document false positives and data quality issues
- Provide tuning feedback to senior engineers and architecture teams
- Stay current on Microsoft security roadmap changes
- Participate in internal training and knowledge-sharing sessions
Cyderes is an Equal Opportunity Employer (EOE). Qualified applicants are considered for employment without regard to race, religion, color, sex, age, disability, sexual orientation, genetic information, national origin or veteran status.
Note: This job posting is intended for direct applicants only. We request that outside recruiters do not contact us regarding this position.
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
Required Experience:
IC