Sentinel Engineer

We're seeking a Microsoft Sentinel Implementation Engineer to design, deploy, and optimize Microsoft Sentinel and Defender-based SOC environments. This role supports SOC operations by enabling efficient log ingestion, developing analytic rules, and automating detections across cloud and on-prem sources.

Key Responsibilities:

- 6-8 years of experience in administering and optimizing Microsoft Sentinel (connectors, analytic rules, workbooks, playbooks). - Integrate and normalize log data from Defender, firewalls, M365, and third-party tools. - Build KQL queries, correlation rules, and SOAR automation (Logic Apps). - Optimize data ingestion and storage for performance and cost efficiency. - Collaborate with SOC teams to enhance detection coverage and reduce alert fatigue. - Maintain and fine-tune Microsoft Defender XDR integrations with Sentinel.

Preferred Skills & Certifications:

Strong KQL and PowerShell skills; familiarity with Azure Monitor, AMA, and security APIs.

Certifications: SC-200, AZ-500, or SC-100 preferred.