Security Engineer responsible for managing Microsoft Sentinel and Defender XDR systems at Cyderes, a cybersecurity service provider. Focused on detection engineering and platform optimization in a hybrid work setting.
Responsibilities
Support intake process including coverage for Eastern Standard Time business hours as required
Administer and maintain Microsoft Sentinel and Defender XDR environments across managed clients
Perform health monitoring of log ingestion pipelines, data connector status, automation playbooks, and analytics rule performance
Monitor ingestion volumes and support cost optimization initiatives
Assist in tenant standardization across multi-client MSSP environments
Onboard new data sources into Microsoft Sentinel following established SOPs
Validate connectivity and confirm correct parsing and schema normalization
Ensure events are visible and queryable in Log Analytics
Integrate Microsoft Defender data sources: Defender for Endpoint, Defender for Identity, Defender for Office 365, Defender for Cloud Apps
Validate data integrity and entity mapping
Troubleshoot ingestion or connector issues across Azure and third-party integrations
Develop and maintain analytics rules (Scheduled, NRT, Fusion)
Create and tune detection logic using KQL
Reduce false positives through structured tuning and rule refinement
Map detections to MITRE ATT&CK framework
Improve alert fidelity and correlation between Defender XDR and Sentinel
Maintain dashboards, workbooks, and reporting artifacts
Assist in building reusable hunting and detection libraries
Monitor Sentinel and Defender XDR alerts
Perform Tier 2 triage and investigation of escalated alerts
Provide clear documentation and escalation to MDR/SOC teams
Support root cause investigations for platform or telemetry issues
Assist with containment automation where applicable
Develop and maintain Azure Logic App playbooks
Automate response actions such as device isolation, user disablement, IP blocking, and ticket creation
Follow change management processes for configuration updates
Test changes in lower environments when applicable
Contribute to runbooks, standard operating procedures, onboarding checklists, and detection documentation
Document false positives and data quality issues
Provide tuning feedback to senior engineers and architecture teams
Stay current on Microsoft security roadmap changes
Participate in internal training and knowledge-sharing sessions
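The ingestion health monitoring responsibility above (log ingestion pipelines and data connector status) is typically implemented as a scheduled KQL query over the Log Analytics Usage table. The following is an added illustration, not Cyderes or Microsoft code; the silence threshold, the 14-day baseline and the 3x spike factor are assumed values that a tenant would tune.

```kql
// Health check for log ingestion: flag every billable table that has gone quiet
// or whose daily volume deviates sharply from its trailing 14-day baseline.
let baselineWindow = 14d;
let quietThreshold = 2h;     // assumed: a table silent this long warrants a connector check
let spikeFactor = 3.0;       // assumed: today above 3x the trailing daily average
// Usage.Quantity is reported in MB; divide by 1024 for GB.
let daily = Usage
    | where TimeGenerated > ago(baselineWindow)
    | where IsBillable == true
    | summarize DailyGB = sum(Quantity) / 1024 by DataType, Day = bin(TimeGenerated, 1d);
// Trailing baseline excludes the current (partial) day.
let baseline = daily
    | where Day < startofday(now())
    | summarize AvgGB = avg(DailyGB), BaselineDays = count() by DataType;
let today = daily
    | where Day == startofday(now())
    | project DataType, TodayGB = DailyGB;
// Most recent Usage record per table, used to detect a connector that stopped sending.
let lastSeen = Usage
    | where TimeGenerated > ago(baselineWindow)
    | summarize LastRecord = max(TimeGenerated) by DataType;
baseline
| join kind=leftouter today on DataType
| join kind=leftouter lastSeen on DataType
| extend TodayGB = coalesce(TodayGB, 0.0)
| extend Status = case(
    now() - LastRecord > quietThreshold, "SILENT",
    AvgGB > 0 and TodayGB > AvgGB * spikeFactor, "SPIKE",
    "OK")
| where Status != "OK"
| project DataType, Status, LastRecord, AvgGB = round(AvgGB, 2), TodayGB = round(TodayGB, 2), BaselineDays
| order by Status asc, TodayGB desc
```

The Usage table is aggregated hourly and lags live ingestion, so the query is suited to a scheduled health rule or workbook rather than minute-level alerting; for a near-real-time silence check on one connector, query that connector's own table for max(TimeGenerated) instead. SILENT rows point at connector or agent problems, SPIKE rows at cost exposure, which is the same data the cost optimization responsibility draws on.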
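The detection engineering responsibilities above (scheduled analytics rules in KQL, tuning against false positives, ATT&CK mapping, and entity mapping for Defender XDR correlation) come together in a single rule. The following scheduled-rule query is an added example and not Cyderes' own detection content; the watchlist name CorpEgressIPs, the failure threshold and the one-hour window are assumptions.

```kql
// Scheduled analytics rule: burst of failed Entra ID sign-ins from one IP followed by a
// successful sign-in from the same IP (brute force / password spray, ATT&CK T1110).
// Suggested schedule: run every 1h, look back 1h, group alerts into one incident per IPAddress.
let lookback = 1h;
let failureThreshold = 10;   // assumed: tune per tenant after reviewing a week of hits
// Tuning: suppress corporate egress addresses kept in a Sentinel watchlist (assumed name).
// The watchlist's SearchKey column holds the IP.
let knownGood = _GetWatchlist('CorpEgressIPs')
    | project IPAddress = tostring(SearchKey);
// Only credential failures count; other ResultType values (MFA denied, CA blocked) are noise here.
let failures = SigninLogs
    | where TimeGenerated > ago(lookback)
    | where ResultType in ("50126", "50053", "50055", "50056")
    | where IPAddress !in (knownGood)
    | summarize FailedCount = count(),
                FailedUsers = make_set(UserPrincipalName, 50),
                FirstFailure = min(TimeGenerated),
                LastFailure = max(TimeGenerated) by IPAddress
    | where FailedCount >= failureThreshold;
let successes = SigninLogs
    | where TimeGenerated > ago(lookback)
    | where ResultType == "0"
    | project SuccessTime = TimeGenerated, IPAddress, UserPrincipalName, AppDisplayName, Location;
failures
| join kind=inner successes on IPAddress
| where SuccessTime > FirstFailure
| project IPAddress, FailedCount, FailedUsers, FirstFailure, LastFailure,
          SuccessTime, UserPrincipalName, AppDisplayName, Location
// Split the UPN so the rule's entity mapping can populate an Account entity
// (Name = AccountName, UPNSuffix = UPNSuffix) and an IP entity (Address = IPAddress).
| extend AccountName = tostring(split(UserPrincipalName, "@")[0]),
         UPNSuffix = tostring(split(UserPrincipalName, "@")[1])
```

In the rule definition, map Account to AccountName/UPNSuffix and IP to IPAddress and tag the tactic as Credential Access with technique T1110; correct entity mapping is what lets Defender XDR correlate the Sentinel alert with Defender for Identity and Defender for Endpoint alerts on the same account. The watchlist exclusion and the threshold are the tuning surface: document every false positive that survives them as a data quality or tuning finding rather than widening the exclusion ad hoc.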
Requirements
Diploma or Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or related field (or equivalent experience)
3–5 years of experience in IT security, SOC, or security engineering roles
Minimum 2 years hands-on experience with Microsoft Sentinel
Experience with Microsoft Defender XDR suite
Experience in MSSP or customer-facing environments preferred
Exposure to multi-tenant environments (Azure Lighthouse preferred)
Strong working knowledge of Microsoft Sentinel
Strong working knowledge of Microsoft Defender XDR
Strong working knowledge of Azure Log Analytics
Proficiency in KQL
Understanding of Windows & Linux logs
Understanding of Microsoft Entra ID (formerly Azure AD)
Understanding of networking fundamentals (TCP/IP, ports, firewalls, proxies)
Understanding of authentication and authorization models
Experience with Azure Logic Apps
Experience with REST APIs
Experience with PowerShell or Python scripting
Understanding of MITRE ATT&CK framework
Familiarity with MDR operational workflows
Strong analytical and problem-solving skills
Clear written and verbal communication
Ability to document investigations and platform changes thoroughly
Customer-focused mindset
Benefits
Health insurance
Flexible work arrangements
Professional development
Job title
Security Engineer II – Microsoft Sentinel, Defender XDR