Demo
Salary Resume Critique Job Openings

Microsoft SOAR

Confidential Jobs
Austin, TX Contractor
POSTED ON 1/6/2026
AVAILABLE BEFORE 2/4/2026

Title: Microsoft SOAR

Location: Austin, TX – Onsite (Locals Only)

Job Description

Essential Job Functions (EJFs)

1. Microsoft Sentinel SOAR Development (40%)

  • Designs, develops, tests, and deploys Sentinel SOAR automation playbooks using Azure Logic Apps, Azure Functions, ARM templates, and REST APIs.
  • Creates automated workflows for alert enrichment, triage, response actions, notification processes, and case management.
  • Integrates Sentinel with third-party systems (EDR, IAM, ticketing systems, email gateways, firewalls, etc.) to automate security operations.

2. UEBA & Analytics Engineering (30%)

  • Develops custom UEBA detection rules, anomaly models, ML-based behavior patterns, and advanced hunting queries (KQL).
  • Builds and maintains analytics content, data parsers, normalization rules, and entity behavior profiles.
  • Evaluates behavioral anomalies and collaborates with cybersecurity teams to fine-tune detection logic.

3. SIEM Content Development & Platform Engineering (15%)

  • Designs and implements custom data connectors, ingestion pipelines, and data transformation logic.
  • Creates dashboards, workbooks, hunting queries, and detection-as-code assets.
  • Performs platform tuning to improve performance, reduce noise, and align to MITRE ATT&CK and Zero Trust principles.

4. Application Development & Integration (10%)

  • Develops supporting code modules, scripts, microservices, and helper APIs using Python, PowerShell, .NET, or similar languages.
  • Works with DevOps pipelines, CI/CD processes, version control, and infrastructure-as-code where applicable.

5. Documentation, Collaboration & Support (5%)

  • Writes technical design documents, SOPs, architecture diagrams, and automation runbooks.
  • Provides Tier III support for Sentinel engineering issues and participates in after-action reviews when needed.

Knowledge, Skills, and Abilities (KSAs)

Knowledge of:

  • Microsoft Sentinel architecture, SOAR, and UEBA capabilities.
  • Azure cloud services, Logic Apps, Azure Functions, Event Hubs, Key Vault, and Azure AD.
  • Security operations processes (triage, threat detection, incident response, threat modeling).
  • MITRE ATT&CK, NIST CSF, Zero Trust Architecture concepts.
  • Programming and scripting languages (Python, PowerShell, KQL, C#, JavaScript, or equivalent).
  • CI/CD pipelines, DevOps practices, and Git-based version control.
  • API integrations and JSON/YAML structures.

Skills in:

  • Building Logic App workflows and custom Sentinel automation playbooks.
  • Writing complex KQL queries for analytics, hunting, and behavioral detection.
  • Developing custom connectors, data maps, and parsers.
  • Designing and optimizing UEBA detection models.
  • Debugging SOAR workflows and resolving integration issues.
  • Communicating technical information clearly to both technical and non-technical audiences.

Abilities to:

  • Work independently and take ownership of complex development tasks.
  • Translate security requirements into scalable technical solutions.
  • Analyze threat behaviors and develop meaningful detections.
  • Work collaboratively with cybersecurity, infrastructure, and application teams.
  • Manage multiple work assignments and meet deadlines.

Required:

  • Graduation from an accredited four-year college or university with major coursework in computer science, computer information systems, software engineering, cybersecurity, or a related field.
  • Two (2) years of full-time experience in software development, cloud engineering, SIEM engineering, or cybersecurity engineering.
  • Two (2) years of full-time experience in software development, cloud engineering, SIEM engineering, or cybersecurity engineering.

Preferred:

  • Three (3) or more years of hands-on technical experience with Microsoft Sentinel.
  • Experience developing UEBA models, anomaly detection rules, and behavior-based analytics.
  • Experience building Security Automation Playbooks (SOAR).
  • Microsoft certifications such as: SC-200: Security Operations Analyst, AZ-900 / AZ-104, SC-100 / SC-300
  • Experience integrating Sentinel with EDR, IAM, firewalls, and ticketing systems.
  • Experience with DevOps pipelines (GitHub, Azure DevOps).
  • Experience working in a government, healthcare, or regulatory environment.

Hourly Wage Estimation for Microsoft SOAR in Austin, TX
$55.00 to $69.00
If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

What is the career path for a Microsoft SOAR?

Sign up to receive alerts about other jobs on the Microsoft SOAR career path by checking the boxes next to the positions that interest you.
Income Estimation: 
$97,257 - $120,701
Income Estimation: 
$123,167 - $152,295
Income Estimation: 
$117,024 - $149,811
Income Estimation: 
$137,568 - $176,908
Employees: Get a Salary Increase
View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

Job openings at Confidential Jobs

Investment Banking Analyst
Apply
  • Confidential Jobs Washington, DC
  • Job Title: Investment Banking Analyst Location: McLean, VA Sector: Technology About the Role: We are seeking a highly motivated Investment Banking Analyst ... more
  • 13 Days Ago
Supplier Quality Engineer
Apply
  • Confidential Jobs Chattanooga, TN
  • Quality Engineer / QMS Coordinator Position Overview: This role combines responsibilities for supplier quality engineering and quality management system co... more
  • 13 Days Ago
Senior Account Manager
Apply
  • Confidential Jobs Fort Wayne, IN
  • Senior Account Manager – Fort Wayne, IN We’re hiring a Senior Account Manager to help drive growth and strengthen our customer relationships. If you’re mot... more
  • 13 Days Ago
Senior Financial Analyst, FP&A
Apply
  • Confidential Jobs Houston, TX
  • Summary / Objective The Senior Financial Analyst, FP&A supports the Finance team by providing accurate financial analysis, reporting, and forecasting to he... more
  • 13 Days Ago
View More Jobs at Confidential Jobs

Not the job you're looking for? Here are some other Microsoft SOAR jobs in the Austin, TX area that may be a better fit.

Microsoft Sentinel SOAR & UEBA Engineer
Apply
  • Jobs via Dice Austin, TX
  • Dice is the leading career destination for tech experts at every stage of their careers. Our client, Nextgen Information Services, is seeking the following... more
  • 13 Days Ago
Microsoft Sentinel / SOAR / UEBA Software Developer
Apply
  • Technology Recruiting Solutions,Inc. Austin, TX
  • Job Details Software Developer II Microsoft Sentinel / SOAR / UEBA Location: Austin, TX (Hybrid 2 days onsite per week) Contract: Long-Term Eligibility Req... more
  • 13 Days Ago
View More Jobs

AI Assistant is available now!

Feel free to start your new journey!