Safety Specialist focused on fortifying safety culture through engineering and efficiency measures. Managing compliance and conducting training in a hybrid work setting.
About the role
- Security Engineer responsible for managing Microsoft Sentinel and Defender XDR systems at Cyderes, a cybersecurity service provider. Focused on detection engineering and platform optimization in a hybrid work setting.
Responsibilities
- Support intake process including coverage for Eastern Standard Time business hours as required
- Administer and maintain Microsoft Sentinel and Defender XDR environments across managed clients
- Perform health monitoring of Log ingestion pipelines, Data connector status, Automation playbooks, Analytics rule performance
- Monitor ingestion volumes and support cost optimization initiatives
- Assist in tenant standardization across multi-client MSSP environments
- Onboard new data sources into Microsoft Sentinel following established SOPs
- Validate connectivity, Confirm correct parsing and schema normalization
- Ensure events are visible and queryable in Log Analytics
- Integrate Microsoft Defender data sources: Defender for Endpoint, Defender for Identity, Defender for Office 365, Defender for Cloud Apps
- Validate data integrity and entity mapping
- Troubleshoot ingestion or connector issues across Azure and third-party integrations
- Develop and maintain analytics rules (Scheduled, NRT, Fusion)
- Create and tune detection logic using KQL
- Reduce false positives through structured tuning and rule refinement
- Map detections to MITRE ATT&CK framework
- Improve alert fidelity and correlation between Defender XDR and Sentinel
- Maintain dashboards, workbooks, and reporting artifacts
- Assist in building reusable hunting and detection libraries
- Monitor Sentinel and Defender XDR alerts
- Perform Tier 2 triage and investigation of escalated alerts
- Provide clear documentation and escalation to MDR/SOC teams
- Support root cause investigations for platform or telemetry issues
- Assist with containment automation where applicable
- Develop and maintain Azure Logic App playbooks
- Automate response actions such as Device isolation, User disablement, IP blocking, Ticket creation
- Follow change management processes for configuration updates
- Test changes in lower environments when applicable
- Contribute to Runbooks, Standard operating procedures, Onboarding checklists, Detection documentation
- Document false positives and data quality issues
- Provide tuning feedback to senior engineers and architecture teams
- Stay current on Microsoft security roadmap changes
- Participate in internal training and knowledge-sharing sessions
Requirements
- Diploma or Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or related field (or equivalent experience)
- 3–5 years of experience in IT security, SOC, or security engineering roles
- Minimum 2 years hands-on experience with Microsoft Sentinel
- Experience with Microsoft Defender XDR suite
- Experience in MSSP or customer-facing environments preferred
- Exposure to multi-tenant environments (Azure Lighthouse preferred)
- Strong working knowledge of Microsoft Sentinel
- Strong working knowledge of Microsoft Defender XDR
- Strong working knowledge of Azure Log Analytics
- Proficiency in KQL
- Understanding of Windows & Linux logs
- Understanding of Azure AD / Entra ID
- Understanding of Networking fundamentals (TCP/IP, ports, firewalls, proxies)
- Understanding of Authentication & authorization models
- Experience with Azure Logic Apps
- Experience with REST APIs
- Experience with PowerShell or Python scripting
- Understanding of MITRE ATT&CK framework
- Familiarity with MDR operational workflows
- Strong analytical and problem-solving skills
- Clear written and verbal communication
- Ability to document investigations and platform changes thoroughly
- Customer-focused mindset
Benefits
- Health insurance
- Flexible work arrangements
- Professional development
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Manufacturing Security Specialist ensuring safe and secure satellite manufacturing at ICEYE. Focused on protecting facilities, production, and sensitive information from threats.
Information Security Specialist responsible for implementing security solutions in Tokio Marine. Analyzing and enhancing cybersecurity architectures and tools for diverse IT projects.
Security Engineer II focusing on EDR at Cyderes, providing expert technical support and improving security postures across enterprise environments.
Entra ID Security Specialist developing Identity & Access Management solutions focusing on Microsoft Entra ID. Strategically enhancing modern identity and security architectures in a hybrid work environment.
Senior Staff IT Security Auditor leading complex audit engagements for WGU. Strengthening security posture while mentoring junior analysts and collaborating across teams.
Support security operations by handling incidents and providing first - line support for ICEYE. This includes incident management to ensure timely action by the appropriate teams.
Facility Security Specialist at ICEYE ensuring secure operations through defense - grade security practices. Protecting personnel, facilities, classified information, and compliance with national standards.
Security Officer for United Security providing security solutions to clients. Patrol locations, respond to incidents, and inspect safety equipment.
Cybersecurity Engineer developing and implementing information security programs at Arcwood. Collaborating with IT to support production environment and maintain security operations.