
Senior Microsoft Sentinel Engineer

Romania, Brasov · Job Posted April 23, 2026

Job Description

The Senior Microsoft Sentinel Engineer will be responsible for designing and maintaining Microsoft Sentinel deployments, optimizing detection rules, and leading threat hunting initiatives. Candidates should have a bachelor's degree in Information Security or related fields and 5-10 years of experience in similar roles. Proficiency in KQL and Microsoft Sentinel is essential. Relevant certifications such as SC-200 and SC-100 are preferred. The role offers flexible working options and opportunities for professional development.

Job Responsibility

  • Design, implement, and maintain Microsoft Sentinel deployments, ensuring optimal configuration, data ingestion quality, and alignment with organizational security objectives
  • Create, refine, and optimize detection rules, analytics, workbooks, and dashboards to support effective monitoring of cloud, hybrid, and on-premises environments
  • Develop advanced KQL queries to support threat detection, hunting, reporting, and operational efficiency
  • Build and maintain SOAR playbooks using Logic Apps to automate triage, response actions, and workflow orchestration
  • Lead threat hunting initiatives leveraging Microsoft Sentinel, Defender XDR suite data, and relevant threat intelligence sources
  • Produce comprehensive documentation, including use cases, detection logic, response procedures, runbooks, and architectural diagrams
  • Collaborate with SOC analysts, security engineers, cloud teams, and application owners to ensure cohesive incident response and coordinated remediation activities
  • Oversee the integration of new log sources, ensuring proper mapping, normalization, and adherence to governance and compliance standards
  • Conduct continuous tuning and performance optimization of alerts, analytic rules, and data connectors to improve signal-to-noise ratio
  • Provide guidance, mentorship, and technical leadership to junior team members and cross-functional IT staff
  • Available for 24x7 on-call duty

Requirements

  • Bachelor's degree in Information Security, Cybersecurity, Computer Science, or related field
  • Minimum 5-10 years of experience in a similar role
  • Extensive hands-on experience administering and engineering solutions within Microsoft Sentinel, including custom analytics, automation, and log management
  • Strong proficiency in KQL with the ability to craft complex queries for detection, investigation, and reporting
  • Deep understanding of security monitoring, threat detection methodologies, and incident response practices
  • Deep understanding of log source onboarding in Sentinel
  • Practical experience with Microsoft Defender XDR solutions (Defender for Endpoint, Identity, Office 365, and Cloud Apps)
  • Familiarity with cloud-native security architecture, particularly Azure services, identity management, and network security controls
  • Ability to translate technical concepts into clear, actionable guidance for various levels of stakeholders
  • Linux proficiency
  • Ansible/Terraform literate
  • Effective communication and documentation skills

Nice to have

  • Relevant certifications (e.g., SC-200, SC-100, AZ-500, CISSP, GIAC certifications)
  • Experience integrating Sentinel with third-party log sources, SIEM platforms, and security tools
  • Knowledge of Python, Bash, PowerShell, or similar scripting languages
  • Background in SOC operations, threat hunting, detection engineering, or cloud security
  • German language

What we offer

  • Smooth integration and a supportive mentor
  • Pick your working style: choose from Remote, Hybrid or Office work opportunities
  • Projects have different working hours to suit your needs
  • Sponsored certifications, trainings and top e-learning platforms
  • Private Health Insurance
  • Individual coaching sessions or accredited Coaching School
  • Epic parties or themed events
