Sentinel Engineer

Were seeking a Microsoft Sentinel Implementation Engineer to design, deploy, and optimize Microsoft Sentinel and Defender-based SOC environments. This role supports SOC operations by enabling efficient log ingestion, developing analytic rules, and automating detections across cloud and on-prem sources.

Key Responsibilities:

• 6-8 years of experience in administering and optimizing Microsoft Sentinel (connectors, analytic rules, workbooks, playbooks).
• Integrate and normalize log data from Defender, firewalls, M365, and third-party tools.
• Build KQL queries, correlation rules, and SOAR automation (Logic Apps).
• Optimize data ingestion and storage for performance and cost efficiency.
• Collaborate with SOC teams to enhance detection coverage and reduce alert fatigue.
• Maintain and fine-tune Microsoft Defender XDR integrations with Sentinel.

Preferred Skills & Certifications:

Strong KQL and PowerShell skills; familiarity with Azure Monitor, AMA, and security APIs.

Certifications: SC-200, AZ-500, or SC-100 preferred.