Microsoft Sentinel Engineer

Robert Half

Location:
United States, Miami

Contract Type:
Not provided

Salary:
Not provided

Job Description:

We are looking for a skilled Microsoft Sentinel Engineer to design, build, and operationalize a Microsoft Sentinel Security Information and Event Management (SIEM) and SOAR solution from the ground up. This contract role is critical for establishing a modern, centralized security operations platform that ingests data from multiple sources, detects threats using advanced analytics, automates response through playbooks, and delivers actionable insights to leadership. The successful candidate will serve as the lead architect and implementer, responsible for configuring data connectors, developing custom KQL analytics rules, building automation workflows, and integrating Sentinel with existing tools and processes.

Job Responsibility:

  • Architect and deploy Microsoft Sentinel from scratch in a greenfield environment
  • Configure and optimize data connectors for the following sources: Fortinet Firewall, Nutanix, Windows Servers & Endpoints, Microsoft 365 E5 Security, Veeam Backup
  • Develop custom KQL (Kusto Query Language) analytics rules for threat detection, anomaly detection, and hunting
  • Design and implement SOAR playbooks using Azure Logic Apps for automated investigation and response
  • Enable and tune User and Entity Behavior Analytics (UEBA)
  • Create executive-level workbooks and dashboards for leadership visibility and reporting
  • Integrate Microsoft Sentinel with the existing ticketing system for automated incident creation and orchestration
  • Establish ingestion cost controls, data retention policies, and optimization strategies
  • Develop runbooks, operational procedures, and knowledge transfer materials for the internal SOC team
  • Provide expert guidance on Sentinel best practices, scaling, and roadmap

Requirements:

  • SC-200: Microsoft Security Operations Analyst (must be current)
  • AZ-500: Microsoft Azure Security Technologies (must be current)
  • 6+ years of hands-on experience with Microsoft Sentinel and Azure security technologies
  • Strong demonstrated expertise in writing and optimizing KQL (Kusto Query Language) queries and analytics rules
  • Proven experience deploying Sentinel in production environments, including data connector configuration, custom rule development, SOAR playbooks, UEBA, and integrations
  • Deep knowledge of Azure Logic Apps for automation and orchestration
  • Experience integrating Sentinel with third-party firewalls, backup solutions, hypervisors, and Microsoft 365 security tools
  • Solid understanding of security operations workflows, incident response processes, and SIEM/SOAR best practices

Nice to have:

  • Experience in healthcare or regulated industries
  • Familiarity with Microsoft Defender suite and Entra ID integration with Sentinel
  • Prior work with MITRE ATT&CK framework mapping in analytics rules
  • Experience with Azure Data Explorer, Log Analytics workspaces, and cost management
  • Additional certifications such as SC-400 or MS-500

What we offer:

  • medical
  • vision
  • dental
  • life and disability insurance
  • 401(k) plan

Additional Information:

Job Posted:
April 27, 2026

Employment Type:
Fulltime

Work Type:
On-site work

Similar Jobs for Microsoft Sentinel Engineer

Microsoft Cloud Engineer

e2e-assure are recruiting a Microsoft Cloud Engineer with existing skill-levels ...
Location:
United Kingdom, Oxfordshire
Salary:
40000.00 - 50000.00 GBP / Year
e2e-assure
Expiration Date:
Until further notice
Requirements:
  • Essential AZ-500 and/or SC-400 Certified or demonstrated experience working with Microsoft Azure, Office 365, SharePoint Online, Azure Sentinel, Microsoft Defender Suite, or Azure Purview
  • Strong understanding of cloud computing concepts, including IaaS, PaaS, and SaaS
  • Excellent problem-solving skills and attention to detail
  • Strong communication and collaboration skills, with the ability to work effectively in a team environment
  • 5 years residency in UK or pre-existing Security Clearance
Job Responsibility:
  • Design, deploy, and maintain Microsoft cloud solutions, including Azure infrastructure, Office 365 applications, SharePoint Online sites, Azure Sentinel, Microsoft Defender Suite, Intune and Purview
  • Implement and manage Azure Purview to ensure data discovery, classification, lineage, and compliance with regulatory requirements
  • Collaborate with cross-functional teams to gather requirements, design solutions, and implement cloud-based architectures that meet business needs
  • Manage and monitor cloud environments to ensure optimal performance, scalability, and security
  • Secure on-premise and cloud servers, virtual machines, and end-user devices using industry best practices and Microsoft security tools
  • Monitor, maintain, and secure on-premise devices such as servers, Virtual Desktop Infrastructures (VDIs), and end-user devices to ensure optimal performance and security posture
  • Troubleshoot and resolve technical issues related to Microsoft cloud services in a timely manner
  • Stay up-to-date with the latest Microsoft cloud technologies and industry trends to provide recommendations for continuous improvement
Employment Type:
Fulltime

Security Engineer

Airspace Link is seeking a Security Engineer to support the security posture of ...
Location:
United States, Detroit
Salary:
Not provided
Airspace Link
Expiration Date:
Until further notice
Requirements:
  • 2–5 years of experience in security engineering, cloud security, SOC/IR operations, or related hands-on security roles
  • Working knowledge of Azure security concepts and Microsoft cloud security tools
  • Practical experience with:
    • Microsoft Defender for Cloud, Endpoint, Identity, and Cloud Apps
    • Microsoft Sentinel (KQL querying, incident investigation, dashboards)
    • Microsoft Intune / Endpoint Manager (MDM/MAM)
    • Microsoft Purview (DLP and compliance tooling)
  • Hands-on experience supporting vulnerability remediation with engineering teams
  • Familiarity with Terraform, secure CI/CD practices, and cloud configuration management
  • Strong written and verbal communication skills with the ability to collaborate cross-functionally
Job Responsibility:
  • Assist with implementing and maintaining security controls within Azure and SaaS environments
  • Support the incident response lifecycle, including initial investigation, coordination with engineering, and documentation of remediation actions
  • Monitor, tune, and assist in the operation of the Microsoft Defender suite (Defender for Cloud, Endpoint, Identity, Cloud Apps, and Vulnerability Management)
  • Support mobile device management (MDM) and endpoint compliance using Microsoft Intune and Endpoint Manager
  • Partner with engineering teams to identify, prioritize, and track remediation of vulnerabilities across applications, cloud infrastructure, and CI/CD pipelines
  • Help implement and maintain Entra ID Conditional Access and Privileged Identity Management (PIM)
  • Assist in integrating DevSecOps guardrails within Azure DevOps and GitHub pipelines (e.g., CodeQL, IaC scanning, secret governance)
  • Participate in developing dashboards and analytics in Microsoft Sentinel, including KQL queries and incident correlation support
  • Contribute to threat modeling and risk assessments as part of project reviews
  • Support the creation and upkeep of security configuration baselines, Terraform modules, and policy templates
Employment Type:
Fulltime

Security Cloud Solution Architect

With over 17,000 employees worldwide, the Microsoft Customer Experience & Succes...
Location:
Oman, Multiple Locations
Salary:
Not provided
Microsoft Corporation
Expiration Date:
Until further notice
Requirements:
  • Bachelor's Degree in Computer Science, Information Technology, Engineering, Business, Cybersecurity, or related field
  • 5+ years experience in cloud/infrastructure technologies, cybersecurity, information technology (IT) consulting/support, systems administration, network operations, software development/support, technology solutions, practice development, architecture, and/or consulting OR equivalent experience
  • Broad experience in security and expertise around related technologies and concepts such as Zero Trust, threat management, SOC monitoring (SIEM / SOAR), and Extended Detection & Response (XDR) + SIEM and Identity
  • Knowledge as a security engineer or consultant to understand industry trends and competitive landscape, advise customers on ways to strengthen their security posture or health, and land customer value through security
  • Technical aptitude and experience to learn new cloud security technologies and understand relevant cloud security market trends
  • Knowledge of cloud security platforms and competitors
  • Breadth of technical security experience and knowledge, with depth / Subject Matter Expertise in two or more of the following security solutions:
    • Threat protection - Microsoft Defender for Cloud, Endpoint, Identity and O365 - hands on experience required, supported with certificates
    • Microsoft Sentinel - Hands on Experience in deploying Microsoft Sentinel in complex customer environments
    • Defender for Cloud - Hands On Experience in deploying Microsoft Defender for Cloud
    • Identity and Access Management (Microsoft Entra)
Job Responsibility:
  • Trusted Advisor - Empower customers in their Microsoft Security adoption journey, being hands on with them to envision and define a Secure strategy, Architecture, and implementation of necessary security controls aligned with Microsoft XDR and Microsoft Azure Security workloads (Defender and Microsoft Sentinel) while ensuring operational health
  • Security Services Acquisition and Expansion - Position and deliver solutions that drive Security products usage with a focus on Defender and Microsoft Sentinel. Collaborate with Azure Infrastructure, Data, Apps teams to expand Security of cloud migration projects
  • Understand Customer/Partner Technical Environment - Accelerate Business Value of overall Security adoption by improving security posture and ensuring that the solution exhibits "Secure by Design" and Zero Trust framework
  • Architecture Design and Deployment - Run Architectural Design Session to build a plan for implementing the solution — governing design in line with customer business goals and their technical environment. Outcome is consensus on solution design and next steps toward production
  • Practice Development - Collaborate and orchestrate with other Cloud Solution Architects and Microsoft stakeholders including FastTrack, partner, and Microsoft Services in developing complex end-to-end Enterprise solutions with the Microsoft Security platform
  • Voice of the Customer - Be a Voice of Customer to share insights and best practices, connect with Global Security teams at Microsoft, Engineering and Product teams to remove blockers and influence the solution roadmap
Employment Type:
Fulltime

Implementation Engineer

The Senior Onboarding Engineer owns the end-to-end client onboarding process — f...
Location:
India, Hyderabad
Salary:
Not provided
Zazz
Expiration Date:
Until further notice
Requirements:
  • Proven MSP onboarding experience across multiple clients and environments
  • Hands-on expertise in NinjaOne RMM / PSA configuration, automation, and scripting
  • Deep knowledge of Microsoft 365, Entra ID, Intune, Defender for Endpoint, Defender for Office 365
  • Practical experience in Axcient x360Recover / x360Cloud backup configuration and restore validation
  • Strong understanding of Meraki networking, Cisco VPN, and SNMP monitoring
  • Familiarity with Microsoft Sentinel, Purview, and Cynomi compliance tools
  • Proficiency in PowerShell and Bash for automation and policy enforcement
  • Strong documentation discipline with IT Glue, Zoho Vault, and SharePoint
  • Excellent understanding of MSP operations, SLAs, and ITIL processes
Job Responsibility:
  • Act as the technical lead for new client onboarding engagements
  • Conduct kick-off calls with clients, gather infrastructure data, define timelines, and document scope of onboarding
  • Translate SOWs and service catalogs into actionable onboarding plans with milestones and dependencies
  • Collaborate with MSP Lead, vCISO, and TAMs to align security, compliance, and operational requirements
  • Lead discovery across on-prem, hybrid, and cloud environments: servers, endpoints, firewalls, switches, VPNs, M365 tenants, backups
  • Use NinjaOne, Intune, and network scanning tools to build the initial device inventory
  • Evaluate existing patch levels, AV coverage, backup health, and identity configurations
  • Document full environment architecture in IT Glue with asset hierarchy and configuration snapshots
  • Design and implement NinjaOne RMM configurations for new clients — groups, automation jobs, patch policies, alerts, and scripts
  • Integrate RMM with PSA modules for ticket creation, escalation, and SLA tracking
Employment Type:
Fulltime

Technical Engineering Lead

This role leads the Security Engineering team within ANS’s Security Operations C...
Location:
Salary:
Not provided
ANS Group
Expiration Date:
Until further notice
Requirements:
  • Experience managing or leading a technical security engineering team within an MSP, MSSP or SOC environment
  • Proven experience with Microsoft Security Suite (Sentinel, Defender XDR, Defender for Cloud) and Sentinel setup/integration
  • Strong technical expertise with Microsoft Azure (Azure AD, Lighthouse, and security architecture)
  • Proven experience configuring connectors, setting up data ingestion, and tuning detection rules
  • Experience with Google Chronicle SOAR or other SOAR/SIEM platforms
  • Comfortable writing or modifying KQL queries, understanding detection logic, and debugging enrichment issues
  • Excellent communication and interpersonal skills, able to translate technical activity into customer-facing updates
  • High emotional intelligence able to support and guide a stretched team, while holding standards and focus
  • Ability to set priorities, manage competing demands and keep work structured in fast-paced environments
  • Prior exposure to cost control in log ingestion or cloud service consumption
Job Responsibility:
  • Lead and schedule the SOC Engineering team to ensure clarity, consistency and manageable workloads across onboarding and live services
  • Own the delivery of engineering activity during customer onboarding and transition, including Sentinel connector setup, Microsoft Defender integration, rule tuning, and SOAR playbook deployment
  • Ensure structured service handover to SOC Analysts post-onboarding, with clear technical documentation and expectations
  • Act as escalation point for complex engineering-led issues in live environments, maintaining SLAs and platform health
  • Drive continual improvement in detection logic, rule effectiveness, enrichment, automation and engineering playbooks
  • Provide technical leadership in core tooling: Microsoft Sentinel, Defender for Endpoint, Defender for Cloud, Entra ID and integration platforms. Google Chronicle SOAR (technical ownership sits with SecDevOps Lead)
  • Champion best practices in customer environment configuration, data ingestion, and engineering change control
  • Bring structure to engineering reporting and team outputs, with clarity on ownership, outcomes, and next steps
  • Support the development of junior engineers, setting standards for communication, time management and delivery focus
What we offer:
  • 25 days’ holiday, plus you can buy up to 5 more days
  • Birthday off
  • Extra celebration day
  • 5 days’ additional holiday in the year you get married
  • 5 volunteer days
  • Private health insurance
  • Pension contribution match and 4 x life assurance
  • Flexible working and work from anywhere for up to 30 days per year (some exceptions)
  • Maternity: 16 weeks’ full pay, Paternity: 3 weeks’ full pay, Adoption: 16 weeks’ full pay
  • Company social events
Employment Type:
Fulltime

Sql Server Security Engineer

We are seeking an experienced SQL Server 2022 Security & Encryption Engineer to ...
Location:
United States, Miami
Salary:
Not provided
Robert Half
Expiration Date:
Until further notice
Requirements:
  • 7+ years of hands-on experience as a SQL Server DBA or Database Security Engineer
  • Deep expertise in SQL Server 2022 security features, specifically: Transparent Data Encryption (TDE), Always Encrypted (with Azure Key Vault), Column-Level Encryption, Row-Level Security and Dynamic Data Masking, SQL Server Audit and log shipping to SIEM (Sentinel)
  • Proven experience implementing encryption solutions for databases containing PHI in regulated healthcare environments
  • Strong knowledge of HIPAA Security Rule technical safeguards and ability to produce auditable compliance evidence
  • Experience with Azure Key Vault for cryptographic key management
  • Solid understanding of TLS configuration, certificate management, and SQL Server surface area hardening
  • Excellent documentation and communication skills
Job Responsibility:
  • Deploy and configure SQL Server 2022 with a full security and encryption stack, including: Transparent Data Encryption (TDE), Always Encrypted with Azure Key Vault integration, Column-Level Encryption on all PHI-containing columns, Row-Level Security (RLS), Dynamic Data Masking (DDM)
  • Implement SQL Server Audit and route audit logs to Microsoft Sentinel for centralized monitoring and alerting
  • Enforce TLS 1.2 / 1.3 for all database connections and disable legacy protocols
  • Perform surface area reduction and hardening (disable unnecessary features, xp_cmdshell, etc.)
  • Design and implement secure key management practices using Azure Key Vault
  • Develop and document encryption strategies, policies, and procedures for PHI protection
  • Create a complete HIPAA Technical Safeguard evidence package including configuration documentation, encryption inventories, key management processes, and audit procedures
  • Collaborate with the Microsoft Security Framework Engineer and Microsoft Sentinel Engineer to ensure seamless integration with the broader security stack (Defender, Sentinel, Purview DLP, etc.)
  • Provide knowledge transfer and training to internal database and security teams
What we offer:
  • medical
  • vision
  • dental
  • life and disability insurance
  • 401(k) plan

Senior Microsoft Sentinel Engineer

The Senior Microsoft Sentinel Engineer will be responsible for designing and mai...
Location:
Romania, Brasov
Salary:
Not provided
NTT DATA
Expiration Date:
Until further notice
Requirements:
  • Bachelor's degree in Information Security, Cybersecurity, Computer Science, or related field
  • Minimum 5-10 years of experience in a similar role
  • Extensive hands-on experience administering and engineering solutions within Microsoft Sentinel, including custom analytics, automation, and log management
  • Strong proficiency in KQL with the ability to craft complex queries for detection, investigation, and reporting
  • Deep understanding of security monitoring, threat detection methodologies, and incident response practices
  • Deep understanding of log source onboarding in Sentinel
  • Practical experience with Microsoft Defender XDR solutions (Defender for Endpoint, Identity, Office 365, and Cloud Apps)
  • Familiarity with cloud-native security architecture, particularly Azure services, identity management, and network security controls
  • Ability to translate technical concepts into clear, actionable guidance for various levels of stakeholders
  • Linux proficiency
Job Responsibility:
  • Design, implement, and maintain Microsoft Sentinel deployments, ensuring optimal configuration, data ingestion quality, and alignment with organizational security objectives
  • Create, refine, and optimize detection rules, analytics, workbooks, and dashboards to support effective monitoring of cloud, hybrid, and on-premises environments
  • Develop advanced KQL queries to support threat detection, hunting, reporting, and operational efficiency
  • Build and maintain SOAR playbooks using Logic Apps to automate triage, response actions, and workflow orchestration
  • Lead threat hunting initiatives leveraging Microsoft Sentinel, Defender XDR suite data, and relevant threat intelligence sources
  • Produce comprehensive documentation, including use cases, detection logic, response procedures, runbooks, and architectural diagrams
  • Collaborate with SOC analysts, security engineers, cloud teams, and application owners to ensure cohesive incident response and coordinated remediation activities
  • Oversee the integration of new log sources, ensuring proper mapping, normalization, and adherence to governance and compliance standards
  • Conduct continuous tuning and performance optimization of alerts, analytic rules, and data connectors to improve signal-to-noise ratio
  • Provide guidance, mentorship, and technical leadership to junior team members and cross-functional IT staff
What we offer:
  • Smooth integration and a supportive mentor
  • Pick your working style: choose from Remote, Hybrid or Office work opportunities
  • Projects have different working hours to suit your needs
  • Sponsored certifications, trainings and top e-learning platforms
  • Private Health Insurance
  • Individual coaching sessions or accredited Coaching School
  • Epic parties or themed events
Employment Type:
Fulltime