Security Platforms Engineer

Responsibilities

• Administer and maintain security platforms including Microsoft Defender Wiz CSPM SIEM tools firewall security solutions and other endpoint and cloud security technologies.
• Ensure security controls are implemented operational and functioning as intended across cloud endpoint and network environments.
• Monitor triage and investigate alerts generated by the SIEM and other security tools.
• Partner with the SOC to improve detection coverage reduce false positives and enhance alert fidelity.
• Assist in developing tuning and maintaining SIEM use cases correlation rules dashboards and detection policies.
• Work with infrastructure cloud and application teams to configure and validate log collection and ingestion into the SIEM.
• Support onboarding of new log sources and ensure logging is complete normalized and actionable for monitoring and investigations.
• Validate tool health integration status and telemetry flow across the security stack.
• Perform regular reviews of security tool configurations and recommend improvements to strengthen visibility and control effectiveness.
• Support incident response activities by providing tool expertise investigative analysis and technical troubleshooting.
• Document security tool configurations processes alert handling procedures and operational standards.
• Identify gaps in monitoring detection and control coverage and recommend remediation actions.
• Collaborate with internal stakeholders to support compliance audit and risk management requirements related to security tooling and monitoring.

Minimum Qualifications

• Bachelors degree in Cybersecurity Information Technology Computer Science or related field or equivalent practical experience.
• Experience administering enterprise security tools such as Microsoft Defender SIEM platforms firewall security tools endpoint detection and response tools and cloud security platforms.

Preferred Skills and Experience

• Hands-on experience investigating security alerts and supporting incident analysis.
• Understanding of log sources event correlation detection engineering and SIEM ingestion pipelines.
• Knowledge of endpoint network identity and cloud security controls.
• Experience with Microsoft security technologies including Microsoft Defender for Endpoint Defender for Cloud or related tools.
• Familiarity with cloud security concepts and tools including CSPM solutions such as Wiz.
• Experience with SIEM platforms such as Microsoft Sentinel Splunk QRadar or similar.
• Familiarity with firewall technologies and network security monitoring.
• Experience tuning detection rules and reducing false positive alerts.
• Knowledge of MITRE ATT&CK threat detection methodologies and security operations best practices.
• Relevant certifications such as Security CySA SC-200 AZ-500 CISSP GCIA GCIH or similar.
• Ability to work cross-functionally with SOC infrastructure cloud and engineering teams.
• Strong troubleshooting analytical and documentation skills.

• Security tool administration
• SIEM monitoring and alert investigation
• Detection tuning and policy enhancement
• Log onboarding and ingestion support
• Cloud and endpoint security
• Cross-functional collaboration
• Incident support and technical analysis