What are the responsibilities and job description for the Cybersecurity Engineer, Sentinel (onsite) position at ExecutivePlacements.com?
14348 Cybersecurity Engineer, Sentinel (onsite) Austin, TX
Start Date: ASAP
Type: Temporary Project
Estimated Duration: 7 months with possible extensions
Work Setting: 100% of the time at the Client's site. No telecommuting or remote work. This is a non-negotiable requirement from the client.
Required
Availability to work 100% of the time at the Client's site in Austin, TX (required).
Experience in software development, cloud engineering, SIEM engineering, or cybersecurity engineering (2 years).
Graduation from an accredited four-year college or university with major coursework in Computer Science, Information Systems, Software Engineering, Cybersecurity, or a related field.
Preferred
Technical experience with Microsoft Sentinel (3 years)
Experience building Security Automation Playbooks (SOAR).
Experience developing UEBA models, anomaly detection rules, and behavior-based analytics.
Experience integrating Sentinel with EDR, IAM, firewalls, and ticketing systems.
Experience with pipelines such as GitHub or Azure DevOps.
Microsoft certifications (e.g., SC-200, AZ-900/104, SC-100/300).
Prior experience in government, healthcare, or regulatory environments.
Responsibilities Include But Are Not Limited To The Following
Sentinel SOAR Development (40%): Design and deploy automation playbooks using Azure Logic Apps, Azure Functions, ARM templates, and REST APIs.
UEBA & Analytics (30%): Develop custom detection rules, anomaly models, and advanced hunting queries using KQL.
SIEM Platform Engineering (15%): Implement custom data connectors and ingestion pipelines; align detection coverage and platform performance with MITRE ATT&CK and Zero Trust principles.
App Integration (10%): Develop helper APIs and microservices using Python, PowerShell, or .NET.
Documentation & Support (5%): Write technical design documents, SOPs, and provide Tier III support for Sentinel engineering issues.
Threat Hunting & Continuous Tuning: Conduct proactive threat hunting using Sentinel workbooks and KQL, then refine analytics rules and playbooks based on findings to reduce false positives and improve detection fidelity.
Partner with cybersecurity, infrastructure, and application teams to define Sentinel use cases, enforce secure onboarding of new data sources, and promote best practices for SOAR and UEBA across the organization.