Who We Are
We help the world Be Everyday Ready
Todays threatscape is relentless. So are Cyderes we specialize in building practical IAM exposure management and risk programs and stopping active threats fast with MDR that works with your existing security tools all augmented by AI and driven by seasoned operators. Our tireless global team is laser-focused on cybersecurity arming organizations with the people platforms and perspectives they need to conquer whatever tomorrow throws their way.
Great Place to Work Certified United States Canada United Kingdom India
About the Job:
The Security Engineer ll Microsoft Sentinel & Defender XDR plays a critical engineering role within Cyderes Managed Sentinel SIEM and MDR services.
You will go beyond basic platform administration. The Security Engineer ll is responsible for detection engineering platform optimization onboarding lifecycle execution and Defender XDR integration. You will be a trusted technical resource to clients ensuring you configure improve and improve their Microsoft security ecosystem against evolving threats.
You will represent and strengthen the Cyderes brand through collaboration and delivery that meets client expectations.
You will report to Senior Manager Managed Platforms.
Responsibilities:
Platform Engineering & Administration
- Support intake process including coverage for Eastern Standard Time business hours
- Administer and maintain Microsoft Sentinel and Defender XDR environments across managed clients
- Perform health monitoring of:
- Log ingestion pipelines
- Data connector status
- Automation strategies
- Analytics rule performance
- Monitor ingestion volumes and support cost optimization projects
- Support tenant standardisation across multi-client MSSP environments
Log Source Onboarding & Integration
- Onboard new data sources into Microsoft Sentinel following established SOPs:
- Validate connectivity
- Confirm correct parsing and schema normalisation
- Ensure events are visible and queryable in Log Analytics
- Integrate Microsoft Defender data sources:
- Defender for Endpoint
- Defender for Identity
- Defender for Cloud Apps
- Validate data integrity and entity mapping
- Troubleshoot ingestion or connector issues across Azure and third-party integrations
Detection Engineering & Use Case Development
- Develop analytics rules (Scheduled NRT Fusion)
- Create and tune detection logic using KQL
- Reduce false positives through structured tuning and rule refinement
- Map detections to MITRE ATT&CK framework
- Improve alert fidelity and correlation between Defender XDR and Sentinel
- Maintain dashboards workbooks and reporting artefacts
- Help build reusable hunting and detection libraries
Monitor & Incident Support
- Monitor Sentinel and Defender XDR alerts
- Perform Tier 2 assessment and investigation of escalated alerts
- Provide clear documentation and escalation to MDR/SOC teams
- Support cause investigations for platform or telemetry issues
- Help with containment automation where applicable
Automation & SOAR
- Develop Azure Logic App guides
- Automate response actions such as:
- Device isolation
- User disablement
- IP blocking
- Ticket creation
- Follow change management processes for configuration updates
- Test changes in lower environments when applicable
Documentation & Continuous Improvement
- Contribute to:
- Runbooks
- Standard operating procedures
- Onboarding checklists
- Detection documentation
- Document false positives and data quality issues
- Provide tuning feedback to senior engineers and architecture teams
- Stay current on Microsoft security roadmap changes
Participate in internal training and knowledge-sharing sessions
Requirements
Education
- Diploma or Bachelors degree in Computer Science Cybersecurity Information Technology or related field (or equivalent experience)
Experience
- 35 years of experience in IT security SOC or security engineering roles
- Minimum 2 years hands-on experience with Microsoft Sentinel
- Experience with Microsoft Defender XDR suite
- Experience in MSSP or customer-facing environments
- Exposure to multi-tenant environments (Azure Lighthouse)
Technical Skills
- Working knowledge of:
- Microsoft Sentinel
- Microsoft Defender XDR
- Azure Log Analytics
- Proficiency in KQL
- Understanding of:
- Windows & Linux logs
- Azure AD / Entra ID
- Networking fundamentals (TCP/IP ports firewalls or proxies)
- Authentication and authorization models
- Experience with:
- Azure Logic Apps
- REST APIs
- PowerShell or Python scripting
- Understanding of MITRE ATT&CK framework
- Familiarity with MDR operational workflows
Certifications
- SC-200 (Microsoft Security Operations Analyst)
- AZ-500 (Azure Security Engineer)
- SC-100 (Cybersecurity Architect)
- Security
- Relevant Microsoft Defender certifications
#LI-Hybrid
This is a hybrid remote/in-office role.
WHY CYDERES
Benefits that go beyond the basics we support our people so they can do their best work.
Medical Insurance - Employee dependents covered
Life Insurance -Protection for what matters most
Retirement Match Program - We invest in your future
Hybrid Work Model -23 days in office
Maternity & Paternity Leave-Time for the moments that matter
Paid Time Off -PTO sick & casual leave
Bereavement & Volunteer Time - Giveback to your community
Professional Development -Reimbursement program
LinkedIn L&D Platform -Thousands of coursesat your fingertips
Mobile Phone Reimbursement -Stay connected on us
Cyderesis an Equal Opportunity Employer (EOE). Qualified applicants are considered for employment without regard to race religion color sex age disability sexual orientation genetic information national origin or veteran status.
Note: This job posting is intended for direct applicants only. We request that outside recruiters do not contact us regarding this position.
We may use artificial intelligence (AI) tools to support parts of the hiring process such as reviewing applications analyzing resumes or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed please contact us.
Required Experience:
IC
Who We AreWe help the world Be Everyday ReadyTodays threatscape is relentless. So are Cyderes we specialize in building practical IAM exposure management and risk programs and stopping active threats fast with MDR that works with your existing security tools all augmented by AI and driven by seaso...
Who We Are
We help the world Be Everyday Ready
Todays threatscape is relentless. So are Cyderes we specialize in building practical IAM exposure management and risk programs and stopping active threats fast with MDR that works with your existing security tools all augmented by AI and driven by seasoned operators. Our tireless global team is laser-focused on cybersecurity arming organizations with the people platforms and perspectives they need to conquer whatever tomorrow throws their way.
Great Place to Work Certified United States Canada United Kingdom India
About the Job:
The Security Engineer ll Microsoft Sentinel & Defender XDR plays a critical engineering role within Cyderes Managed Sentinel SIEM and MDR services.
You will go beyond basic platform administration. The Security Engineer ll is responsible for detection engineering platform optimization onboarding lifecycle execution and Defender XDR integration. You will be a trusted technical resource to clients ensuring you configure improve and improve their Microsoft security ecosystem against evolving threats.
You will represent and strengthen the Cyderes brand through collaboration and delivery that meets client expectations.
You will report to Senior Manager Managed Platforms.
Responsibilities:
Platform Engineering & Administration
- Support intake process including coverage for Eastern Standard Time business hours
- Administer and maintain Microsoft Sentinel and Defender XDR environments across managed clients
- Perform health monitoring of:
- Log ingestion pipelines
- Data connector status
- Automation strategies
- Analytics rule performance
- Monitor ingestion volumes and support cost optimization projects
- Support tenant standardisation across multi-client MSSP environments
Log Source Onboarding & Integration
- Onboard new data sources into Microsoft Sentinel following established SOPs:
- Validate connectivity
- Confirm correct parsing and schema normalisation
- Ensure events are visible and queryable in Log Analytics
- Integrate Microsoft Defender data sources:
- Defender for Endpoint
- Defender for Identity
- Defender for Cloud Apps
- Validate data integrity and entity mapping
- Troubleshoot ingestion or connector issues across Azure and third-party integrations
Detection Engineering & Use Case Development
- Develop analytics rules (Scheduled NRT Fusion)
- Create and tune detection logic using KQL
- Reduce false positives through structured tuning and rule refinement
- Map detections to MITRE ATT&CK framework
- Improve alert fidelity and correlation between Defender XDR and Sentinel
- Maintain dashboards workbooks and reporting artefacts
- Help build reusable hunting and detection libraries
Monitor & Incident Support
- Monitor Sentinel and Defender XDR alerts
- Perform Tier 2 assessment and investigation of escalated alerts
- Provide clear documentation and escalation to MDR/SOC teams
- Support cause investigations for platform or telemetry issues
- Help with containment automation where applicable
Automation & SOAR
- Develop Azure Logic App guides
- Automate response actions such as:
- Device isolation
- User disablement
- IP blocking
- Ticket creation
- Follow change management processes for configuration updates
- Test changes in lower environments when applicable
Documentation & Continuous Improvement
- Contribute to:
- Runbooks
- Standard operating procedures
- Onboarding checklists
- Detection documentation
- Document false positives and data quality issues
- Provide tuning feedback to senior engineers and architecture teams
- Stay current on Microsoft security roadmap changes
Participate in internal training and knowledge-sharing sessions
Requirements
Education
- Diploma or Bachelors degree in Computer Science Cybersecurity Information Technology or related field (or equivalent experience)
Experience
- 35 years of experience in IT security SOC or security engineering roles
- Minimum 2 years hands-on experience with Microsoft Sentinel
- Experience with Microsoft Defender XDR suite
- Experience in MSSP or customer-facing environments
- Exposure to multi-tenant environments (Azure Lighthouse)
Technical Skills
- Working knowledge of:
- Microsoft Sentinel
- Microsoft Defender XDR
- Azure Log Analytics
- Proficiency in KQL
- Understanding of:
- Windows & Linux logs
- Azure AD / Entra ID
- Networking fundamentals (TCP/IP ports firewalls or proxies)
- Authentication and authorization models
- Experience with:
- Azure Logic Apps
- REST APIs
- PowerShell or Python scripting
- Understanding of MITRE ATT&CK framework
- Familiarity with MDR operational workflows
Certifications
- SC-200 (Microsoft Security Operations Analyst)
- AZ-500 (Azure Security Engineer)
- SC-100 (Cybersecurity Architect)
- Security
- Relevant Microsoft Defender certifications
#LI-Hybrid
This is a hybrid remote/in-office role.
WHY CYDERES
Benefits that go beyond the basics we support our people so they can do their best work.
Medical Insurance - Employee dependents covered
Life Insurance -Protection for what matters most
Retirement Match Program - We invest in your future
Hybrid Work Model -23 days in office
Maternity & Paternity Leave-Time for the moments that matter
Paid Time Off -PTO sick & casual leave
Bereavement & Volunteer Time - Giveback to your community
Professional Development -Reimbursement program
LinkedIn L&D Platform -Thousands of coursesat your fingertips
Mobile Phone Reimbursement -Stay connected on us
Cyderesis an Equal Opportunity Employer (EOE). Qualified applicants are considered for employment without regard to race religion color sex age disability sexual orientation genetic information national origin or veteran status.
Note: This job posting is intended for direct applicants only. We request that outside recruiters do not contact us regarding this position.
We may use artificial intelligence (AI) tools to support parts of the hiring process such as reviewing applications analyzing resumes or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed please contact us.
Required Experience:
IC
View more
View less
Job Location:
Monthly Salary:
Posted on:
30+ days ago
Vacancies:
1 Vacancy
