Job Description

About the Role:

Do you want to be on the frontline fighting for safe use within the digital frontier? Does describing your job to your family and friends as being a cyberwarrior or threat hunter sound awesome or awe-inspiring? Then join us as part of our Security Operations Center (SOC) Engineering team as a Microsoft Services Subject Matter Expert (SME) supporting our frontline Threat Hunters.

In addition, given the rapid changes within the Microsoft ecosystem, you will also be working cross-functionally with Product Management and R&D Engineering to drive differentiation within our service, as well as with our Business Development team to help maintain the relationship with Microsoft.

While this role will have business responsibilities that will help you expand your career options, the primary day-to-day role is as a Security Engineer. As a Security Engineer, you will serve as a critical support system for the SOC. You will create, enhance, and tune rules and detections so that the SOC can best defend our clients' networks. Your goal will be to continually improve the detection and alerting that the SOC receives. In some cases, you will work directly with clients to ensure that they send us the most beneficial and important data. You will leverage our tech stack and elements of Microsoft, and provide ongoing support both internally and externally.

In short, you will be a critical member of the team using Microsoft Defender, Microsoft Sentinel, the Microsoft Suite including Purview, Entra and Intune tools, the proprietary SIEM and SOAR, as well as other products and services to protect our clients in the ever-changing threat landscape.

Responsibilities:

  • Stay on the forefront of the Microsoft ecosystem
  • Drive security detection improvements
  • Tune existing alerts and client data in our SIEM tooling for optimal performance
  • Identify workflow improvements and curate new automations through our SOAR platform
  • Assist in continuous improvement efforts to evaluate detection and response capabilities
  • Develop methods to detect potential threats
  • Maintain the SOAR platform in support of day-to-day SOC activities
  • Work with cross-functional teams to enhance detection capabilities
  • Other duties as assigned

Qualifications:

  • Strong understanding of tuning alerts and pertinent logs to aid in detecting threats
  • Expert knowledge of Microsoft products including, but not limited to, Defender, Sentinel, Purview, Entra, and Intune
  • Experience building data retrieval from the Microsoft security ecosystem
  • Leveraging detection mechanisms within SIEMs and SOAR
  • A strong understanding of cyber-attacks, the MITRE ATT&CK framework, emerging threats and threat modeling, as well as security research techniques
  • Intermediate experience with Python, PowerShell, Bash or Go
  • Intermediate experience with IDS/IPS systems

Talents:

  • Ability to adjust and adapt in a fast-paced and dynamic environment, including changes in responsibilities as the business evolves
  • Capacity for Synthesis: bring together disparate elements to create a coherent entity or a big-picture overview to gain a new perspective
  • Applied Technical Thinking: apply specialized, theoretical knowledge to efficient operational uses
  • Demonstrate strong composure with a balance of urgency and intensity, as well as focus

Job ID: 112622933