We help the world Be Everyday Ready
Todays threatscape is relentless. So are Cyderes we specialize in building practical IAM exposure management and risk programs and stopping active threats fast with MDR that works with your existing security tools all augmented by AI and driven by seasoned operators. Our tireless global team is laser-focused on cybersecurity arming organizations with the people platforms and perspectives they need to conquer whatever tomorrow throws their way.
About the Job:
The Security Engineer ll Microsoft Sentinel & Defender XDR plays a critical engineering role within Cyderes Managed Sentinel SIEM and MDR services.
This role goes beyond basic platform administration. The Security Engineer ll is responsible for detection engineering platform optimization onboarding lifecycle execution and Defender XDR integration. You will serve as a trusted technical resource to clients ensuring their Microsoft security ecosystem is properly configured optimized and continuously improving against evolving threats.
You will represent and reinforce the Cyderes brand through strong collaboration professional communication and consistent delivery that meets or exceeds client expectations.
Responsibilities:
Platform Engineering & Administration
- Support intake process including coverage for Eastern Standard Time business hours as required
- Administer and maintain Microsoft Sentinel and Defender XDR environments across managed clients
- Perform health monitoring of:
- Log ingestion pipelines
- Data connector status
- Automation playbooks
- Analytics rule performance
- Monitor ingestion volumes and support cost optimization initiatives
- Assist in tenant standardization across multi-client MSSP environments
Log Source Onboarding & Integration
- Onboard new data sources into Microsoft Sentinel following established SOPs:
- Validate connectivity
- Confirm correct parsing and schema normalization
- Ensure events are visible and queryable in Log Analytics
- Integrate Microsoft Defender data sources:
- Defender for Endpoint
- Defender for Identity
- Defender for Office 365
- Defender for Cloud Apps
- Validate data integrity and entity mapping
- Troubleshoot ingestion or connector issues across Azure and third-party integrations
Detection Engineering & Use Case Development
- Develop and maintain analytics rules (Scheduled NRT Fusion)
- Create and tune detection logic using KQL
- Reduce false positives through structured tuning and rule refinement
- Map detections to MITRE ATT&CK framework
- Improve alert fidelity and correlation between Defender XDR and Sentinel
- Maintain dashboards workbooks and reporting artifacts
- Assist in building reusable hunting and detection libraries
Monitoring & Incident Support
- Monitor Sentinel and Defender XDR alerts
- Perform Tier 2 triage and investigation of escalated alerts
- Provide clear documentation and escalation to MDR/SOC teams
- Support root cause investigations for platform or telemetry issues
- Assist with containment automation where applicable
Automation & SOAR
- Develop and maintain Azure Logic App playbooks
- Automate response actions such as:
- Device isolation
- User disablement
- IP blocking
- Ticket creation
- Follow change management processes for configuration updates
- Test changes in lower environments when applicable
Documentation & Continuous Improvement
- Contribute to:
- Runbooks
- Standard operating procedures
- Onboarding checklists
- Detection documentation
- Document false positives and data quality issues
- Provide tuning feedback to senior engineers and architecture teams
- Stay current on Microsoft security roadmap changes
Participate in internal training and knowledge-sharing sessions
Requirements
Education
- Diploma or Bachelors degree in Computer Science Cybersecurity Information Technology or related field (or equivalent experience)
Experience
- 35 years of experience in IT security SOC or security engineering roles
- Minimum 2 years hands-on experience with Microsoft Sentinel
- Experience with Microsoft Defender XDR suite
- Experience in MSSP or customer-facing environments preferred
- Exposure to multi-tenant environments (Azure Lighthouse preferred)
Technical Skills
- Strong working knowledge of:
- Microsoft Sentinel
- Microsoft Defender XDR
- Azure Log Analytics
- Proficiency in KQL
- Understanding of:
- Windows & Linux logs
- Azure AD / Entra ID
- Networking fundamentals (TCP/IP ports firewalls proxies)
- Authentication & authorization models
- Experience with:
- Azure Logic Apps
- REST APIs
- PowerShell or Python scripting
- Understanding of MITRE ATT&CK framework
- Familiarity with MDR operational workflows
Certifications (Preferred)
- SC-200 (Microsoft Security Operations Analyst)
- AZ-500 (Azure Security Engineer)
- SC-100 (Cybersecurity Architect)
- Security
- Relevant Microsoft Defender certifications
Soft Skills
- Strong analytical and problem-solving skills
- Clear written and verbal communication
- Ability to document investigations and platform changes thoroughly
- Customer-focused mindset
- Ability to balance operational and engineering responsibilities
WHY CYDERES
Benefits that go beyond the basics we support our people so they can do their best work.
Medical Insurance - Employee dependents covered
Life Insurance -Protection for what matters most
Retirement Match Program - We invest in your future
Hybrid Work Model -23 days in office
Maternity & Paternity Leave-Time for the moments that matter
Paid Time Off -PTO sick & casual leave
Bereavement & Volunteer Time - Giveback to your community
Professional Development -Reimbursement program
LinkedIn L&D Platform -Thousands of coursesat your fingertips
Mobile Phone Reimbursement -Stay connected on us
Cyderesis an Equal Opportunity Employer (EOE). Qualified applicants are considered for employment without regard to race religion color sex age disability sexual orientation genetic information national origin or veteran status.
Note: This job posting is intended for direct applicants only. We request that outside recruiters do not contact us regarding this position.
We may use artificial intelligence (AI) tools to support parts of the hiring process such as reviewing applications analyzing resumes or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed please contact us.
Required Experience:
IC
We help the world Be Everyday ReadyTodays threatscape is relentless. So are Cyderes we specialize in building practical IAM exposure management and risk programs and stopping active threats fast with MDR that works with your existing security tools all augmented by AI and driven by seasoned operat...
We help the world Be Everyday Ready
Todays threatscape is relentless. So are Cyderes we specialize in building practical IAM exposure management and risk programs and stopping active threats fast with MDR that works with your existing security tools all augmented by AI and driven by seasoned operators. Our tireless global team is laser-focused on cybersecurity arming organizations with the people platforms and perspectives they need to conquer whatever tomorrow throws their way.
About the Job:
The Security Engineer ll Microsoft Sentinel & Defender XDR plays a critical engineering role within Cyderes Managed Sentinel SIEM and MDR services.
This role goes beyond basic platform administration. The Security Engineer ll is responsible for detection engineering platform optimization onboarding lifecycle execution and Defender XDR integration. You will serve as a trusted technical resource to clients ensuring their Microsoft security ecosystem is properly configured optimized and continuously improving against evolving threats.
You will represent and reinforce the Cyderes brand through strong collaboration professional communication and consistent delivery that meets or exceeds client expectations.
Responsibilities:
Platform Engineering & Administration
- Support intake process including coverage for Eastern Standard Time business hours as required
- Administer and maintain Microsoft Sentinel and Defender XDR environments across managed clients
- Perform health monitoring of:
- Log ingestion pipelines
- Data connector status
- Automation playbooks
- Analytics rule performance
- Monitor ingestion volumes and support cost optimization initiatives
- Assist in tenant standardization across multi-client MSSP environments
Log Source Onboarding & Integration
- Onboard new data sources into Microsoft Sentinel following established SOPs:
- Validate connectivity
- Confirm correct parsing and schema normalization
- Ensure events are visible and queryable in Log Analytics
- Integrate Microsoft Defender data sources:
- Defender for Endpoint
- Defender for Identity
- Defender for Office 365
- Defender for Cloud Apps
- Validate data integrity and entity mapping
- Troubleshoot ingestion or connector issues across Azure and third-party integrations
Detection Engineering & Use Case Development
- Develop and maintain analytics rules (Scheduled NRT Fusion)
- Create and tune detection logic using KQL
- Reduce false positives through structured tuning and rule refinement
- Map detections to MITRE ATT&CK framework
- Improve alert fidelity and correlation between Defender XDR and Sentinel
- Maintain dashboards workbooks and reporting artifacts
- Assist in building reusable hunting and detection libraries
Monitoring & Incident Support
- Monitor Sentinel and Defender XDR alerts
- Perform Tier 2 triage and investigation of escalated alerts
- Provide clear documentation and escalation to MDR/SOC teams
- Support root cause investigations for platform or telemetry issues
- Assist with containment automation where applicable
Automation & SOAR
- Develop and maintain Azure Logic App playbooks
- Automate response actions such as:
- Device isolation
- User disablement
- IP blocking
- Ticket creation
- Follow change management processes for configuration updates
- Test changes in lower environments when applicable
Documentation & Continuous Improvement
- Contribute to:
- Runbooks
- Standard operating procedures
- Onboarding checklists
- Detection documentation
- Document false positives and data quality issues
- Provide tuning feedback to senior engineers and architecture teams
- Stay current on Microsoft security roadmap changes
Participate in internal training and knowledge-sharing sessions
Requirements
Education
- Diploma or Bachelors degree in Computer Science Cybersecurity Information Technology or related field (or equivalent experience)
Experience
- 35 years of experience in IT security SOC or security engineering roles
- Minimum 2 years hands-on experience with Microsoft Sentinel
- Experience with Microsoft Defender XDR suite
- Experience in MSSP or customer-facing environments preferred
- Exposure to multi-tenant environments (Azure Lighthouse preferred)
Technical Skills
- Strong working knowledge of:
- Microsoft Sentinel
- Microsoft Defender XDR
- Azure Log Analytics
- Proficiency in KQL
- Understanding of:
- Windows & Linux logs
- Azure AD / Entra ID
- Networking fundamentals (TCP/IP ports firewalls proxies)
- Authentication & authorization models
- Experience with:
- Azure Logic Apps
- REST APIs
- PowerShell or Python scripting
- Understanding of MITRE ATT&CK framework
- Familiarity with MDR operational workflows
Certifications (Preferred)
- SC-200 (Microsoft Security Operations Analyst)
- AZ-500 (Azure Security Engineer)
- SC-100 (Cybersecurity Architect)
- Security
- Relevant Microsoft Defender certifications
Soft Skills
- Strong analytical and problem-solving skills
- Clear written and verbal communication
- Ability to document investigations and platform changes thoroughly
- Customer-focused mindset
- Ability to balance operational and engineering responsibilities
WHY CYDERES
Benefits that go beyond the basics we support our people so they can do their best work.
Medical Insurance - Employee dependents covered
Life Insurance -Protection for what matters most
Retirement Match Program - We invest in your future
Hybrid Work Model -23 days in office
Maternity & Paternity Leave-Time for the moments that matter
Paid Time Off -PTO sick & casual leave
Bereavement & Volunteer Time - Giveback to your community
Professional Development -Reimbursement program
LinkedIn L&D Platform -Thousands of coursesat your fingertips
Mobile Phone Reimbursement -Stay connected on us
Cyderesis an Equal Opportunity Employer (EOE). Qualified applicants are considered for employment without regard to race religion color sex age disability sexual orientation genetic information national origin or veteran status.
Note: This job posting is intended for direct applicants only. We request that outside recruiters do not contact us regarding this position.
We may use artificial intelligence (AI) tools to support parts of the hiring process such as reviewing applications analyzing resumes or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed please contact us.
Required Experience:
IC
View more
View less
Job Location:
Monthly Salary:
Posted on:
19 hours ago
Vacancies:
1 Vacancy
