
Microsoft Sentinel Engineer

United States, Miami · Job Posted April 27, 2026

Job Description

We are looking for a skilled Microsoft Sentinel Engineer to design, build, and operationalize a Microsoft Sentinel Security Information and Event Management (SIEM) and SOAR solution from the ground up. This contract role is critical for establishing a modern, centralized security operations platform that ingests data from multiple sources, detects threats using advanced analytics, automates response through playbooks, and delivers actionable insights to leadership. The successful candidate will serve as the lead architect and implementer, responsible for configuring data connectors, developing custom KQL analytics rules, building automation workflows, and integrating Sentinel with existing tools and processes.

Job Responsibility

  • Architect and deploy Microsoft Sentinel from scratch in a greenfield environment
  • Configure and optimize data connectors for the following sources: Fortinet Firewall, Nutanix, Windows Servers & Endpoints, Microsoft 365 E5 Security, Veeam Backup
  • Develop custom KQL (Kusto Query Language) analytics rules for threat detection, anomaly detection, and hunting
  • Design and implement SOAR playbooks using Azure Logic Apps for automated investigation and response
  • Enable and tune User and Entity Behavior Analytics (UEBA)
  • Create executive-level workbooks and dashboards for leadership visibility and reporting
  • Integrate Microsoft Sentinel with the existing ticketing system for automated incident creation and orchestration
  • Establish ingestion cost controls, data retention policies, and optimization strategies
  • Develop runbooks, operational procedures, and knowledge transfer materials for the internal SOC team
  • Provide expert guidance on Sentinel best practices, scaling, and roadmap

Requirements

  • SC-200: Microsoft Security Operations Analyst (must be current)
  • AZ-500: Microsoft Azure Security Technologies (must be current)
  • 6+ years of hands-on experience with Microsoft Sentinel and Azure security technologies
  • Strong demonstrated expertise in writing and optimizing KQL (Kusto Query Language) queries and analytics rules
  • Proven experience deploying Sentinel in production environments, including data connector configuration, custom rule development, SOAR playbooks, UEBA, and integrations
  • Deep knowledge of Azure Logic Apps for automation and orchestration
  • Experience integrating Sentinel with third-party firewalls, backup solutions, hypervisors, and Microsoft 365 security tools
  • Solid understanding of security operations workflows, incident response processes, and SIEM/SOAR best practices

Nice to have

  • Experience in healthcare or regulated industries
  • Familiarity with Microsoft Defender suite and Entra ID integration with Sentinel
  • Prior work with MITRE ATT&CK framework mapping in analytics rules
  • Experience with Azure Data Explorer, Log Analytics workspaces, and cost management
  • Additional certifications such as SC-400 or MS-500

What we offer

  • medical
  • vision
  • dental
  • life and disability insurance
  • 401(k) plan


Similar Jobs for Microsoft Sentinel Engineer (8 matching positions)

Senior Microsoft Sentinel Engineer

The Senior Microsoft Sentinel Engineer will be responsible for designing and mai...
Location: Romania, Brasov
Salary: Not provided
Company: NTT DATA
Expiration Date: Until further notice

Requirements
  • Bachelor's degree in Information Security, Cybersecurity, Computer Science, or related field
  • Minimum 5-10 years of experience in a similar role
  • Extensive hands-on experience administering and engineering solutions within Microsoft Sentinel, including custom analytics, automation, and log management
  • Strong proficiency in KQL with the ability to craft complex queries for detection, investigation, and reporting
  • Deep understanding of security monitoring, threat detection methodologies, and incident response practices
  • Deep understanding of log source onboarding in Sentinel
  • Practical experience with Microsoft Defender XDR solutions (Defender for Endpoint, Identity, Office 365, and Cloud Apps)
  • Familiarity with cloud-native security architecture, particularly Azure services, identity management, and network security controls
  • Ability to translate technical concepts into clear, actionable guidance for various levels of stakeholders
  • Linux proficiency
Job Responsibility
  • Design, implement, and maintain Microsoft Sentinel deployments, ensuring optimal configuration, data ingestion quality, and alignment with organizational security objectives
  • Create, refine, and optimize detection rules, analytics, workbooks, and dashboards to support effective monitoring of cloud, hybrid, and on-premises environments
  • Develop advanced KQL queries to support threat detection, hunting, reporting, and operational efficiency
  • Build and maintain SOAR playbooks using Logic Apps to automate triage, response actions, and workflow orchestration
  • Lead threat hunting initiatives leveraging Microsoft Sentinel, Defender XDR suite data, and relevant threat intelligence sources
  • Produce comprehensive documentation, including use cases, detection logic, response procedures, runbooks, and architectural diagrams
  • Collaborate with SOC analysts, security engineers, cloud teams, and application owners to ensure cohesive incident response and coordinated remediation activities
  • Oversee the integration of new log sources, ensuring proper mapping, normalization, and adherence to governance and compliance standards
  • Conduct continuous tuning and performance optimization of alerts, analytic rules, and data connectors to improve signal-to-noise ratio
  • Provide guidance, mentorship, and technical leadership to junior team members and cross-functional IT staff
What we offer
  • Smooth integration and a supportive mentor
  • Pick your working style: choose from Remote, Hybrid or Office work opportunities
  • Projects have different working hours to suit your needs
  • Sponsored certifications, trainings and top e-learning platforms
  • Private Health Insurance
  • Individual coaching sessions or accredited Coaching School
  • Epic parties or themed events
  • Fulltime

Junior Engineer Microsoft Sentinel

The Junior Security Engineer will support the operation and enhancement of secur...
Location: Romania, Brasov
Salary: Not provided
Company: NTT DATA
Expiration Date: Until further notice

Requirements
  • Bachelor's degree in IT / Finance / Business Administration, Project Management, or related fields
  • Minimum 1-3 years of experience in a similar role
  • Foundational understanding of SIEM concepts, security analytics, and incident response workflows
  • Basic familiarity with Microsoft Sentinel or comparable SIEM platforms
  • Introductory experience with KQL or willingness to learn and apply it regularly
  • Experience with Linux, Ansible, Terraform
  • General understanding of common security concepts such as logging, identity, endpoint security, and network fundamentals
  • Ability to analyze information methodically and communicate findings clearly
  • Preferred hands-on practice gained through internships, labs, home labs, or academic projects
  • Relevant certifications (e.g., SC-200, AZ-900, AZ-500, or equivalent introductory certifications)
Job Responsibility
  • Assist with the daily operation of Microsoft Sentinel, including monitoring data connectors, verifying log ingestion, and supporting health checks
  • Contribute to the creation and refinement of analytic rules, detection logic, dashboards, and workbooks
  • Develop and maintain KQL queries for reporting, basic threat hunting, and alert investigations
  • Support the creation and testing of SOAR playbooks to automate response workflows and routine tasks
  • Participate in incident triage by reviewing alerts, gathering relevant data, and escalating findings as needed
  • Document processes, investigation steps, detection logic, and playbook procedures in a consistent and organized manner
  • Assist in integrating new log sources into Sentinel, ensuring proper configuration and data validation
  • Work with senior engineers, SOC analysts, and IT teams to help ensure timely follow-up on investigations and remediation activities
  • Contribute to the continuous improvement of detections, alert quality, and visibility across cloud and on-premises environments
What we offer
  • Smooth integration and a supportive mentor
  • Choose from Remote, Hybrid or Office work opportunities
  • Projects have different working hours to suit your needs
  • Sponsored certifications, trainings and top e-learning platforms
  • Private Health Insurance
  • Individual coaching sessions or joining our accredited Coaching School
  • Epic parties or themed events

Microsoft Sentinel SME

An experienced Microsoft Sentinel SME is required to support a major security tr...
Location: United Kingdom, London
Salary: 525.00 - 600.00 GBP / Day
Company: Xcede
Expiration Date: July 17, 2026

Requirements
  • Proven experience as a Microsoft Sentinel SME within enterprise environments
  • Strong expertise in Microsoft Sentinel architecture, deployment, and administration
  • Advanced Kusto Query Language (KQL) skills
  • Strong background in SIEM engineering, detection engineering, and threat hunting
  • Experience with Microsoft Defender technologies including Defender XDR, Defender for Endpoint, Defender for Identity, and Defender for Cloud
  • Experience building automation and orchestration workflows using Logic Apps
  • Good understanding of Azure security services and cloud-native security controls
  • Strong knowledge of security operations, incident response, and cyber defence principles
Job Responsibility
  • Act as the technical lead and subject matter expert for Microsoft Sentinel
  • Review and optimise existing Sentinel deployments, analytics rules, and workbooks
  • Design, build, and tune threat-detection use cases aligned with current threats
  • Develop advanced KQL queries for monitoring, threat hunting, and investigations
  • Integrate new data sources and improve security visibility across the estate
  • Create and enhance automated response workflows using Logic Apps and Sentinel playbooks
  • Work closely with Security Operations, Infrastructure, Cloud, and Engineering teams
  • Support incident investigations and threat-hunting activities
  • Provide recommendations for improving monitoring coverage, detection fidelity, and operational effectiveness
What we offer
  • Outside IR35
  • Hybrid (3 days WFH)

Microsoft Security Engineer

A leading financial services organisation is seeking an experienced Microsoft Se...
Location: United Kingdom, London
Salary: 525.00 - 600.00 GBP / Day
Company: Xcede
Expiration Date: July 17, 2026

Requirements
  • Proven experience engineering security solutions using Microsoft security technologies
  • Strong knowledge of Microsoft Defender XDR, including:
      • Defender for Endpoint
      • Defender for Identity
      • Defender for Office 365
      • Defender for Cloud Apps
      • Defender for Cloud
  • Experience implementing and managing Microsoft Sentinel
  • Strong understanding of Microsoft Entra ID (Azure AD), Conditional Access, Identity Protection, and Privileged Identity Management
  • Experience securing Azure environments and implementing cloud security controls
  • Strong troubleshooting and integration skills across complex enterprise environments
Job Responsibility
  • Design, implement, and optimise security controls across the Microsoft security stack
  • Engineer solutions leveraging Microsoft Defender, Microsoft Sentinel, Entra ID, and Azure security services
  • Lead the deployment and integration of security technologies across cloud and hybrid environments
  • Configure and enhance security monitoring, threat detection, and response capabilities
  • Implement identity and access management controls, including Conditional Access and Privileged Identity Management (PIM)
  • Improve endpoint security posture through Microsoft Defender for Endpoint
  • Work closely with infrastructure, cloud, networking, and security teams to deliver security enhancements
  • Develop automation and operational efficiencies using PowerShell, Logic Apps, and other Microsoft-native technologies
  • Produce technical documentation, implementation plans, and engineering standards
What we offer
  • Outside IR35
  • 3 days WFH

Microsoft Security Engineer

We are seeking a highly skilled and results-driven Microsoft Security Engineer t...
Location: Ireland, Dublin
Salary: Not provided
Company: Codec
Expiration Date: Until further notice

Requirements
  • Deep, hands-on experience with the deployment and configuration of Microsoft Azure security services (Azure Policy, Network Security, Key Vault) and E5 Security
  • Expert proficiency in configuring and managing Entra ID (formerly Azure AD), including advanced features like Conditional Access Policies, PIM, MFA, and SSO integrations
  • Proven implementation experience with the Microsoft Defender Suite and Microsoft Sentinel
  • Practical hands-on experience implementing Microsoft Purview, specifically configuring DLP policies, sensitivity labeling, and retention labels
  • Strong practical knowledge of managing security controls for Windows and mobile endpoints using Microsoft Intune
  • Excellent ability to follow detailed technical implementation plans and execute tasks efficiently
  • Strong troubleshooting and analytical skills to diagnose and resolve complex technical security and compliance issues
  • Meticulous attention to detail in technical configuration and as-built documentation
Job Responsibility
  • Deploy, configure, and maintain core Microsoft security technologies, including Azure Networking Security components (Azure Firewall, NSGs, Azure WAF) and Entra ID services (Conditional Access, PIM, Entra Private Access)
  • Execute the onboarding and fine-tuning of the Microsoft Defender suite (e.g., Defender for Endpoint, Defender for Cloud, Defender for Office 365) across customer environments
  • Implement and manage Microsoft Sentinel for security information and event management (SIEM), including connector deployment, playbook automation, and custom rule creation
  • Implement and configure Microsoft Purview capabilities, including Data Loss Prevention (DLP) policies, Information Protection (sensitivity labels, encryption), and records management features
  • Configure eDiscovery, communication compliance, and audit log settings within Purview to meet regulatory and data protection requirements (e.g., GDPR, ISO 27001)
  • Define and apply data classification schemes and retention policies across various data sources using Purview tools
  • Implement and manage Microsoft Intune policies for endpoint security, compliance, and device configuration
  • Configure advanced Identity and Access Management (IAM) solutions within Entra ID, focusing on least privilege principles and identity governance
  • Perform security hardening and ensure operational compliance through the implementation of Azure Policy, and resource locks
  • Produce clear, detailed, and up-to-date technical runbooks, configuration guides, and as-built documentation for all implemented security and compliance solutions
  • Fulltime

Microsoft Security Engineer

Location: Ireland, Dublin
Salary: Not provided
Company: Codec UK
Expiration Date: Until further notice

Requirements
  • Deep, hands-on experience with the deployment and configuration of Microsoft Azure security services (Azure Policy, Network Security, Key Vault) and E5 Security
  • Expert proficiency in configuring and managing Entra ID (formerly Azure AD), including advanced features like Conditional Access Policies, PIM, MFA, and SSO integrations
  • Proven implementation experience with the Microsoft Defender Suite and Microsoft Sentinel
  • Practical hands-on experience implementing Microsoft Purview, specifically configuring DLP policies, sensitivity labeling, and retention labels
  • Strong practical knowledge of managing security controls for Windows and mobile endpoints using Microsoft Intune
  • Excellent ability to follow detailed technical implementation plans and execute tasks efficiently
  • Strong troubleshooting and analytical skills to diagnose and resolve complex technical security and compliance issues
  • Meticulous attention to detail in technical configuration and as-built documentation
Job Responsibility
  • Deploy, configure, and maintain core Microsoft security technologies, including Azure Networking Security components (Azure Firewall, NSGs, Azure WAF) and Entra ID services (Conditional Access, PIM, Entra Private Access)
  • Execute the onboarding and fine-tuning of the Microsoft Defender suite (e.g., Defender for Endpoint, Defender for Cloud, Defender for Office 365) across customer environments
  • Implement and manage Microsoft Sentinel for security information and event management (SIEM), including connector deployment, playbook automation, and custom rule creation
  • Implement and configure Microsoft Purview capabilities, including Data Loss Prevention (DLP) policies, Information Protection (sensitivity labels, encryption), and records management features
  • Configure eDiscovery, communication compliance, and audit log settings within Purview to meet regulatory and data protection requirements (e.g., GDPR, ISO 27001)
  • Define and apply data classification schemes and retention policies across various data sources using Purview tools
  • Implement and manage Microsoft Intune policies for endpoint security, compliance, and device configuration
  • Configure advanced Identity and Access Management (IAM) solutions within Entra ID, focusing on least privilege principles and identity governance
  • Perform security hardening and ensure operational compliance through the implementation of Azure Policy, and resource locks
  • Produce clear, detailed, and up-to-date technical runbooks, configuration guides, and as-built documentation for all implemented security and compliance solutions
  • Fulltime

Microsoft Cloud Engineer

e2e-assure are recruiting a Microsoft Cloud Engineer with existing skill-levels ...
Location: United Kingdom, Oxfordshire
Salary: 40000.00 - 50000.00 GBP / Year
Company: e2e-assure
Expiration Date: Until further notice

Requirements
  • Essential: AZ-500 and/or SC-400 certified, or demonstrated experience working with Microsoft Azure, Office 365, SharePoint Online, Azure Sentinel, Microsoft Defender Suite, or Azure Purview
  • Strong understanding of cloud computing concepts, including IaaS, PaaS, and SaaS
  • Excellent problem-solving skills and attention to detail
  • Strong communication and collaboration skills, with the ability to work effectively in a team environment
  • 5 years residency in UK or pre-existing Security Clearance
Job Responsibility
  • Design, deploy, and maintain Microsoft cloud solutions, including Azure infrastructure, Office 365 applications, SharePoint Online sites, Azure Sentinel, Microsoft Defender Suite, Intune and Purview
  • Implement and manage Azure Purview to ensure data discovery, classification, lineage, and compliance with regulatory requirements
  • Collaborate with cross-functional teams to gather requirements, design solutions, and implement cloud-based architectures that meet business needs
  • Manage and monitor cloud environments to ensure optimal performance, scalability, and security
  • Secure on-premise and cloud servers, virtual machines, and end-user devices using industry best practices and Microsoft security tools
  • Monitor, maintain, and secure on-premise devices such as servers, Virtual Desktop Infrastructures (VDIs), and end-user devices to ensure optimal performance and security posture
  • Troubleshoot and resolve technical issues related to Microsoft cloud services in a timely manner
  • Stay up-to-date with the latest Microsoft cloud technologies and industry trends to provide recommendations for continuous improvement
  • Fulltime

Ts Cross Technology Systems Integration Specialist

The Collaboration Technical Services (TS) Systems Integration Specialist is a se...
Location: India, Bangalore
Salary: Not provided
Company: NTT DATA
Expiration Date: Until further notice

Requirements
  • Seasoned understanding and appreciation of technical design and business principles
  • Seasoned project fundamentals and administration ability
  • Seasoned project skills which are demonstrated in the execution of installations and other assignments
  • Excellent customer engagement skills
  • Demonstrate relevant domain specialist knowledge
  • Excellent verbal communication skills
  • Client focused and displays a proactive approach to solving problems
  • Ability to work under pressure
  • Ability to coach, mentor and provide guidance to team members
  • Bachelor's degree or equivalent in Information Technology or Computing or a related field
Job Responsibility
  • Interacts with clients on site and remotely to meet complex requirements of a solution
  • Escalates unresolved problems and issues to the relevant third parties
  • Responds to escalated client requests
  • Escalates complex problems to the relevant third parties
  • Writes reports and proposals and completes and maintains project documentation
  • Assists with the documentation of standard operating procedures relating to installations and fixes
  • Acts as coach and mentor to more junior Implementation Engineers and Technicians
  • Assumes responsibility for the coordination of the activities of the junior Engineers, in line with performance targets
  • Included in higher complexity design work, with input to the design expected
  • Expected to take ownership of relevant technologies according to domain or specialization
  • Fulltime