Junior Engineer Microsoft Sentinel

NTT DATA

Location: Romania, Brasov

Contract Type: Not provided

Salary: Not provided

Job Description:

The Junior Security Engineer will support the operation and enhancement of security monitoring capabilities using Microsoft Sentinel. This role focuses on assisting with log ingestion, alert tuning, and investigative tasks under the guidance of senior engineers. The role is ideal for individuals starting their career in security engineering with a strong interest in cloud security and SIEM operations.

Job Responsibility:

  • Assist with the daily operation of Microsoft Sentinel, including monitoring data connectors, verifying log ingestion, and supporting health checks
  • Contribute to the creation and refinement of analytic rules, detection logic, dashboards, and workbooks
  • Develop and maintain KQL queries for reporting, basic threat hunting, and alert investigations
  • Support the creation and testing of SOAR playbooks to automate response workflows and routine tasks
  • Participate in incident triage by reviewing alerts, gathering relevant data, and escalating findings as needed
  • Document processes, investigation steps, detection logic, and playbook procedures in a consistent and organized manner
  • Assist in integrating new log sources into Sentinel, ensuring proper configuration and data validation
  • Work with senior engineers, SOC analysts, and IT teams to help ensure timely follow-up on investigations and remediation activities
  • Contribute to the continuous improvement of detections, alert quality, and visibility across cloud and on-premises environments

Requirements:

  • Bachelor's degree in IT / Finance / Business Administration, Project Management, or related fields
  • Minimum 1-3 years of experience in a similar role
  • Foundational understanding of SIEM concepts, security analytics, and incident response workflows
  • Basic familiarity with Microsoft Sentinel or comparable SIEM platforms
  • Introductory experience with KQL or willingness to learn and apply it regularly
  • Experience with Linux, Ansible, Terraform
  • General understanding of common security concepts such as logging, identity, endpoint security, and network fundamentals
  • Ability to analyze information methodically and communicate findings clearly
  • Preferred hands-on practice gained through internships, labs, home labs, or academic projects
  • Relevant certifications (e.g., SC-200, AZ-900, AZ-500, or equivalent introductory certifications)
  • Exposure to Microsoft Defender XDR solutions or other cloud security services
  • Introductory experience with scripting languages such as PowerShell or Python
  • Excellent command of both spoken and written English

Nice to have:

  • German

What we offer:

  • Smooth integration and a supportive mentor
  • Choose from Remote, Hybrid or Office work opportunities
  • Projects have different working hours to suit your needs
  • Sponsored certifications, trainings and top e-learning platforms
  • Private Health Insurance
  • Individual coaching sessions or joining our accredited Coaching School
  • Epic parties or themed events

Additional Information:

Job Posted: January 24, 2026

Work Type: Remote work

Similar Jobs for Junior Engineer Microsoft Sentinel

Technical Engineering Lead

This role leads the Security Engineering team within ANS’s Security Operations C...
Salary: Not provided
ANS Group
Expiration Date: Until further notice
Requirements:
  • Experience managing or leading a technical security engineering team within an MSP, MSSP or SOC environment
  • Proven experience with Microsoft Security Suite (Sentinel, Defender XDR, Defender for Cloud) and Sentinel setup/integration
  • Strong technical expertise with Microsoft Azure (Azure AD, Lighthouse, and security architecture)
  • Proven experience configuring connectors, setting up data ingestion, and tuning detection rules
  • Experience with Google Chronicle SOAR or other SOAR/SIEM platforms
  • Comfortable writing or modifying KQL queries, understanding detection logic, and debugging enrichment issues
  • Excellent communication and interpersonal skills, able to translate technical activity into customer-facing updates
  • High emotional intelligence able to support and guide a stretched team, while holding standards and focus
  • Ability to set priorities, manage competing demands and keep work structured in fast-paced environments
  • Prior exposure to cost control in log ingestion or cloud service consumption
Job Responsibility:
  • Lead and schedule the SOC Engineering team to ensure clarity, consistency and manageable workloads across onboarding and live services
  • Own the delivery of engineering activity during customer onboarding and transition, including Sentinel connector setup, Microsoft Defender integration, rule tuning, and SOAR playbook deployment
  • Ensure structured service handover to SOC Analysts post-onboarding, with clear technical documentation and expectations
  • Act as escalation point for complex engineering-led issues in live environments, maintaining SLAs and platform health
  • Drive continual improvement in detection logic, rule effectiveness, enrichment, automation and engineering playbooks
  • Provide technical leadership in core tooling: Microsoft Sentinel, Defender for Endpoint, Defender for Cloud, Entra ID and integration platforms; Google Chronicle SOAR (technical ownership sits with the SecDevOps Lead)
  • Champion best practices in customer environment configuration, data ingestion, and engineering change control
  • Bring structure to engineering reporting and team outputs, with clarity on ownership, outcomes, and next steps
  • Support the development of junior engineers, setting standards for communication, time management and delivery focus
What we offer:
  • 25 days’ holiday, plus you can buy up to 5 more days
  • Birthday off
  • Extra celebration day
  • 5 days’ additional holiday in the year you get married
  • 5 volunteer days
  • Private health insurance
  • Pension contribution match and 4 x life assurance
  • Flexible working and work from anywhere for up to 30 days per year (some exceptions)
  • Maternity: 16 weeks’ full pay, Paternity: 3 weeks’ full pay, Adoption: 16 weeks’ full pay
  • Company social events
Work Type: Fulltime

Technical Engineer Lead

This role leads the Security Engineering team within ANS’s Security Operations C...
Salary: Not provided
ANS Group
Expiration Date: Until further notice
Requirements:
  • Experience managing or leading a technical security engineering team within an MSP, MSSP or SOC environment
  • Proven experience with Microsoft Security Suite (Sentinel, Defender XDR, Defender for Cloud) and Sentinel setup/integration
  • Strong technical expertise with Microsoft Azure (Azure AD, Lighthouse, and security architecture)
  • Proven experience configuring connectors, setting up data ingestion, and tuning detection rules
  • Experience with Google Chronicle SOAR or other SOAR/SIEM platforms
  • Comfortable writing or modifying KQL queries, understanding detection logic, and debugging enrichment issues
  • Excellent communication and interpersonal skills, able to translate technical activity into customer-facing updates
  • High emotional intelligence able to support and guide a stretched team, while holding standards and focus
  • Ability to set priorities, manage competing demands and keep work structured in fast-paced environments
  • Prior exposure to cost control in log ingestion or cloud service consumption
Job Responsibility:
  • Lead and schedule the SOC Engineering team to ensure clarity, consistency and manageable workloads across onboarding and live services
  • Own the delivery of engineering activity during customer onboarding and transition, including Sentinel connector setup, Microsoft Defender integration, rule tuning, and SOAR playbook deployment
  • Ensure structured service handover to SOC Analysts post-onboarding, with clear technical documentation and expectations
  • Act as escalation point for complex engineering-led issues in live environments, maintaining SLAs and platform health
  • Drive continual improvement in detection logic, rule effectiveness, enrichment, automation and engineering playbooks
  • Provide technical leadership in core tooling: Microsoft Sentinel, Defender for Endpoint, Defender for Cloud, Entra ID and integration platforms; Google Chronicle SOAR (technical ownership sits with the SecDevOps Lead)
  • Champion best practices in customer environment configuration, data ingestion, and engineering change control
  • Bring structure to engineering reporting and team outputs, with clarity on ownership, outcomes, and next steps
  • Support the development of junior engineers, setting standards for communication, time management and delivery focus
What we offer:
  • 25 days’ holiday, plus you can buy up to 5 more days
  • Birthday off
  • An extra celebration day
  • 5 days’ additional holiday in the year you get married
  • 5 volunteer days
  • Private health insurance
  • Pension contribution match and 4 x life assurance
  • Flexible working and work from anywhere for up to 30 days per year (some exceptions)
  • Maternity: 16 weeks’ full pay, Paternity: 3 weeks’ full pay, Adoption: 16 weeks’ full pay
  • Company social events

Implementation Engineer

The Senior Onboarding Engineer owns the end-to-end client onboarding process — f...
Location: India, Hyderabad
Salary: Not provided
Zazz
Expiration Date: Until further notice
Requirements:
  • Proven MSP onboarding experience across multiple clients and environments
  • Hands-on expertise in NinjaOne RMM / PSA configuration, automation, and scripting
  • Deep knowledge of Microsoft 365, Entra ID, Intune, Defender for Endpoint, Defender for Office 365
  • Practical experience in Axcient x360Recover / x360Cloud backup configuration and restore validation
  • Strong understanding of Meraki networking, Cisco VPN, and SNMP monitoring
  • Familiarity with Microsoft Sentinel, Purview, and Cynomi compliance tools
  • Proficiency in PowerShell and Bash for automation and policy enforcement
  • Strong documentation discipline with IT Glue, Zoho Vault, and SharePoint
  • Excellent understanding of MSP operations, SLAs, and ITIL processes
Job Responsibility:
  • Act as the technical lead for new client onboarding engagements
  • Conduct kick-off calls with clients, gather infrastructure data, define timelines, and document scope of onboarding
  • Translate SOWs and service catalogs into actionable onboarding plans with milestones and dependencies
  • Collaborate with MSP Lead, vCISO, and TAMs to align security, compliance, and operational requirements
  • Lead discovery across on-prem, hybrid, and cloud environments: servers, endpoints, firewalls, switches, VPNs, M365 tenants, backups
  • Use NinjaOne, Intune, and network scanning tools to build the initial device inventory
  • Evaluate existing patch levels, AV coverage, backup health, and identity configurations
  • Document full environment architecture in IT Glue with asset hierarchy and configuration snapshots
  • Design and implement NinjaOne RMM configurations for new clients — groups, automation jobs, patch policies, alerts, and scripts
  • Integrate RMM with PSA modules for ticket creation, escalation, and SLA tracking
Work Type: Fulltime

Senior Security Engineer

Truveta is the world’s first health provider led data platform with a vision of ...
Location: United States, Seattle
Salary: 135000.00 - 180000.00 USD / Year
Truveta
Expiration Date: Until further notice
Requirements:
  • Bachelor’s degree in Cyber Security, Computer Science, Information Security, Information Systems, or a related field, or equivalent practical experience
  • 5+ years of experience in Security Operations (SOC), Incident Response, or Detection & Response role, with demonstrated ownership of complex security incidents
  • Hands-on experience with Microsoft Sentinel (SIEM) and Microsoft Defender XDR (Defender for Endpoint, Identity, Office 365, Cloud Apps)
  • Proficiency in KQL (Kusto Query Language) for investigations, threat hunting, and detection engineering
  • Experience designing, tuning, and maintaining SIEM detections and SOAR automation, including alert triage and response workflows
  • Solid understanding of Azure cloud architecture, core services, and native security controls
  • Familiarity with Azure Entra ID, identity security concepts, RBAC, and IAM-related threats
  • Experience with handling high-severity security incidents, including cross-team coordination and stakeholder communication
  • Familiarity with MITRE ATT&CK, threat actor techniques, and modern attack methodologies across cloud, identity, and endpoint environments
  • Experience supporting on-call rotations and working in a 24/7 or follow-the-sun SOC environment
Job Responsibility:
  • Incident Response: Handle investigation and response to security incidents across endpoints, identities, email, cloud workloads, and SaaS applications
  • Act as a senior escalation point for SOC analysts during complex or ambiguous security events
  • Participate in on-call rotations and provide senior-level escalation support when needed
  • Lead or contribute to post-incident reviews (RCA, postmortems) and track remediation actions to completion
  • Ensure incidents are accurately documented for audit, compliance, and operational learning
  • Maintain and improve incident response runbooks, playbooks, and escalation procedures
  • Support incident readiness activities, including tabletop exercises and response drills
  • Detection Engineering & Automation: Develop, tune, and maintain Microsoft Sentinel analytics rules to improve detection quality and reduce false positives
  • Design and optimize KQL queries for investigations, threat hunting, and detection engineering
  • Integrate and maintain log sources and data connectors in Microsoft Sentinel, ensuring data quality and proper normalization
What we offer:
  • Interesting and meaningful work for every career stage
  • Great benefits package
  • Comprehensive benefits with strong medical, dental and vision insurance plans
  • 401K plan
  • Professional development & training opportunities for continuous learning
  • Work/life autonomy via flexible work hours and flexible paid time off
  • Generous parental leave
  • Regular team activities (virtual and in-person)
Work Type: Fulltime

Senior Microsoft Sentinel Engineer

The Senior Microsoft Sentinel Engineer will be responsible for designing and mai...
Location: Romania, Brasov
Salary: Not provided
NTT DATA
Expiration Date: Until further notice
Requirements:
  • Bachelor's degree in Information Security, Cybersecurity, Computer Science, or related field
  • Minimum 5-10 years of experience in a similar role
  • Extensive hands-on experience administering and engineering solutions within Microsoft Sentinel, including custom analytics, automation, and log management
  • Strong proficiency in KQL with the ability to craft complex queries for detection, investigation, and reporting
  • Deep understanding of security monitoring, threat detection methodologies, and incident response practices
  • Deep understanding of log source onboarding in Sentinel
  • Practical experience with Microsoft Defender XDR solutions (Defender for Endpoint, Identity, Office 365, and Cloud Apps)
  • Familiarity with cloud-native security architecture, particularly Azure services, identity management, and network security controls
  • Ability to translate technical concepts into clear, actionable guidance for various levels of stakeholders
  • Linux proficiency
Job Responsibility:
  • Design, implement, and maintain Microsoft Sentinel deployments, ensuring optimal configuration, data ingestion quality, and alignment with organizational security objectives
  • Create, refine, and optimize detection rules, analytics, workbooks, and dashboards to support effective monitoring of cloud, hybrid, and on-premises environments
  • Develop advanced KQL queries to support threat detection, hunting, reporting, and operational efficiency
  • Build and maintain SOAR playbooks using Logic Apps to automate triage, response actions, and workflow orchestration
  • Lead threat hunting initiatives leveraging Microsoft Sentinel, Defender XDR suite data, and relevant threat intelligence sources
  • Produce comprehensive documentation, including use cases, detection logic, response procedures, runbooks, and architectural diagrams
  • Collaborate with SOC analysts, security engineers, cloud teams, and application owners to ensure cohesive incident response and coordinated remediation activities
  • Oversee the integration of new log sources, ensuring proper mapping, normalization, and adherence to governance and compliance standards
  • Conduct continuous tuning and performance optimization of alerts, analytic rules, and data connectors to improve signal-to-noise ratio
  • Provide guidance, mentorship, and technical leadership to junior team members and cross-functional IT staff
What we offer:
  • Smooth integration and a supportive mentor
  • Pick your working style: choose from Remote, Hybrid or Office work opportunities
  • Projects have different working hours to suit your needs
  • Sponsored certifications, trainings and top e-learning platforms
  • Private Health Insurance
  • Individual coaching sessions or accredited Coaching School
  • Epic parties or themed events
Work Type: Fulltime

Sr SecOps Engineer/ Consultant

The Senior Security Operations (SecOps) Engineer is a hands-on technical leader ...
Location: United States, Houston
Salary: Not provided
Beacon Hill
Expiration Date: Until further notice
Requirements:
  • Deep experience with SIEM tools (preferably Microsoft Sentinel)
  • Strong incident response expertise
  • Solid understanding of OT/ICS security
Job Responsibility:
  • Advanced threat detection
  • Incident response
  • Security operations across both IT and OT (including SCADA) environments
  • Serving as a key escalation point for complex incidents
  • Leading investigations involving network, endpoint, identity, and cloud threats
  • Partnering closely with engineering, infrastructure, and compliance teams
  • Improving SOC processes
  • Tuning detections
  • Mentoring junior analysts
  • Strengthening overall security posture
Work Type: Fulltime

IT Systems Engineer | Infrastructure Engineer

We are seeking an Adelaide-based Systems Engineer to take ownership of our core ...
Location: Australia, Adelaide
Salary: Not provided
DyFlex Solutions
Expiration Date: Until further notice
Requirements:
  • 4+ years of experience in systems engineering / systems administration or infrastructure engineering
  • Deep expertise in the Microsoft ecosystem, including Windows Server 2022, Entra ID (hybrid), Azure, and Microsoft 365
  • Proven ability to automate processes using PowerShell (advanced scripting) and/or Power Automate
  • Strong background in cybersecurity uplift: patching, hardening, vulnerability remediation, and identity/endpoint security
  • Hands‑on experience with ASD Essential Eight, with exposure to ISO 27001 or SOC 2 considered highly advantageous
  • Experience in firewall administration (e.g., Sophos), routing/switching fundamentals, and secure remote access design
  • Experience supporting or administering Linux (SUSE preferred) within a predominantly Windows environment
  • Demonstrated ability to deliver technical upgrades end‑to‑end with high‑quality documentation and handover
  • Experience producing clear technical diagrams and architectural documentation
  • Strong communication, collaboration, and coaching skills, with the ability to guide junior team members
Job Responsibility:
  • Manage and optimise our Microsoft ecosystem, including Windows Server, Active Directory, and Microsoft 365
  • Administer and enhance Microsoft Entra ID in a hybrid environment, including Conditional Access, SSO integrations, and identity security controls
  • Lead our cybersecurity uplift, driving vulnerability remediation, system hardening, Essential Eight maturity, and Microsoft Defender improvements
  • Contribute to the implementation and operationalisation of Microsoft Sentinel, including onboarding data sources and alert tuning
  • Architect, manage, and scale our Azure environment (IaaS/PaaS) to support a rapidly growing national team
  • Act as the final Level 3 escalation point for complex server, identity, networking, and endpoint issues
  • Oversee network integrity and security, including firewall management, site‑to‑site VPNs, remote access VPNs, and uplift of network segmentation
  • Drive infrastructure automation and consistency by developing and maintaining advanced PowerShell scripts and automations
  • Support and enhance our SOE, server build patterns, platform standards, and operational processes
  • Maintain and monitor our mixed environment, including SUSE Linux servers used for internal projects
What we offer:
  • A flexible and supportive work environment
  • Competitive remuneration and benefits including novated lease, birthday leave, salary packaging, wellbeing programme, additional purchased leave, and company-provided laptop
  • Comprehensive SAP training and certifications
Work Type: Fulltime

Senior SOC Analyst

The Senior SOC Analyst will play a crucial role in enhancing security operations...
Location: United Kingdom, Birmingham
Salary: Not provided
NTT DATA
Expiration Date: Until further notice
Requirements:
  • Must be able to obtain SC Clearance or already hold SC clearance
  • SIEM Expertise: Hands-on experience with at least two of the following: Splunk, IBM QRadar, Microsoft Defender for Endpoint, Microsoft Sentinel, Google Chronicle
  • Strong knowledge of log formats, parsing, and normalization
  • Experience with KQL, SPL, AQL, or other SIEM query languages
  • Familiarity with scripting (Python, PowerShell) for automation and enrichment
  • Deep understanding of threat detection, incident response, and cyber kill chain
  • Familiarity with MITRE ATT&CK, NIST, and CIS frameworks
  • Strong verbal and written English communication
  • Strong interpersonal and presentation skills
  • Strong analytical skills
Job Responsibility:
  • Deploy, configure, and maintain SIEM platforms (Splunk, QRadar, Sentinel, Defender, Chronicle)
  • Onboard and normalize log sources across cloud and on-prem environments
  • Develop and optimize analytical rules for threat detection, anomaly detection, and behavioural analysis
  • Design and implement incident response playbooks for various threat scenarios (e.g., phishing, lateral movement, data exfiltration)
  • Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) to automate triage and response
  • Continuously refine playbooks based on threat intelligence and incident feedback
  • Monitor and analyse security alerts and events to identify potential threats
  • Perform in-depth investigations and coordinate incident response activities
  • Collaborate with threat intelligence teams to enrich detection logic
  • Conduct threat modelling exercises using frameworks like MITRE ATT&CK, STRIDE, or Kill Chain
What we offer:
  • We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing
  • Our Learning and Development team ensure that there are continuous growth and development opportunities for our people
  • We also offer the opportunity to have flexible work options