The Senior Microsoft Sentinel Engineer will be responsible for designing and maintaining Microsoft Sentinel deployments, optimizing detection rules, and leading threat hunting initiatives. Candidates should have a bachelor's degree in Information Security or a related field and 5-10 years of experience in similar roles. Proficiency in KQL and Microsoft Sentinel is essential. Relevant certifications such as SC-200 and SC-100 are preferred. The role offers flexible working options and opportunities for professional development.
Job Responsibility:
Design, implement, and maintain Microsoft Sentinel deployments, ensuring optimal configuration, data ingestion quality, and alignment with organizational security objectives
Create, refine, and optimize detection rules, analytics, workbooks, and dashboards to support effective monitoring of cloud, hybrid, and on-premises environments
Develop advanced KQL queries to support threat detection, hunting, reporting, and operational efficiency
Build and maintain SOAR playbooks using Logic Apps to automate triage, response actions, and workflow orchestration
Lead threat hunting initiatives leveraging Microsoft Sentinel, Defender XDR suite data, and relevant threat intelligence sources
Produce comprehensive documentation, including use cases, detection logic, response procedures, runbooks, and architectural diagrams
Collaborate with SOC analysts, security engineers, cloud teams, and application owners to ensure cohesive incident response and coordinated remediation activities
Oversee the integration of new log sources, ensuring proper mapping, normalization, and adherence to governance and compliance standards
Conduct continuous tuning and performance optimization of alerts, analytic rules, and data connectors to improve signal-to-noise ratio
Provide guidance, mentorship, and technical leadership to junior team members and cross-functional IT staff
Availability for a 24x7 on-call rotation
Requirements:
Bachelor's degree in Information Security, Cybersecurity, Computer Science, or related field
5-10 years of experience in a similar role
Extensive hands-on experience administering and engineering solutions within Microsoft Sentinel, including custom analytics, automation, and log management
Strong proficiency in KQL with the ability to craft complex queries for detection, investigation, and reporting
Deep understanding of security monitoring, threat detection methodologies, and incident response practices
Deep understanding of log source onboarding in Sentinel
Practical experience with Microsoft Defender XDR solutions (Defender for Endpoint, Identity, Office 365, and Cloud Apps)
Familiarity with cloud-native security architecture, particularly Azure services, identity management, and network security controls
Ability to translate technical concepts into clear, actionable guidance for various levels of stakeholders