What are the responsibilities and job description for the Microsoft Sentinel / SOC Automation Engineer | W2 Only | position at Xlysi?
- Administer and maintain Microsoft Sentinel workspaces across Azure and multi-cloud environments
- Configure, manage, and troubleshoot Sentinel data connectors
- Design and automate incident response workflows using Logic Apps and Sentinel playbooks
- Develop, tune, and optimize KQL queries for analytics, threat hunting, and detections
- Implement and manage custom analytics rules, alerts, and detections
- Ensure seamless ingestion of security telemetry from cloud, hybrid, and third-party sources
- Automate repetitive SOC operational tasks to improve efficiency and response times
- Build and maintain Sentinel dashboards and reports for SOC visibility and leadership reporting
- Troubleshoot ingestion, connector, and performance issues within Sentinel
- Collaborate with cloud and infrastructure teams to secure Azure and hybrid workloads
- Document automation workflows, playbooks, configurations, and SOPs
- Provide guidance on Sentinel best practices and overall cloud security posture
- Administer and support Microsoft 365 security configurations
- Provide technical guidance to clients, internal teams, and stakeholders on Microsoft Purview capabilities and best practices
- Contribute to continuous improvement of SOC automation and security operations
- Resolve customer issues through structured problem-solving, collaboration, and research
- Handle escalated technical issues and perform in-depth troubleshooting and remediation
- Collaborate cross-team and cross-product to resolve moderately complex security issues
- Maintain clear documentation of technical findings, fixes, and recommendations