With Azure Sentinel, Microsoft is redefining SIEM (Security Information and Event Management) for the cloud era. It leverages cutting-edge cloud technology, big data, machine learning and AI to empower Security Operations Centers to defend against increasingly sophisticated and rapidly evolving cyberthreats.
Our team is growing and we’re looking for a passionate Security Engineer to join us in our journey. This position is a unique opportunity to be part of a world class team, building one of the most exciting products in the cybersecurity space from the ground up.
We are looking for a passionate security engineer who will be part of a new team focused on building, enhancing, and supporting integrations and solutions on top of the Azure Sentinel platform – at scale. Building Azure Sentinel’s solutions includes creating configuration-based integrations with other products to ingest data into Azure Sentinel, defining schemas, authoring new detections, and building interactive dashboards and automation workflows that help SOC analysts identify and respond to cyber threats.
If you are passionate about finding creative ways to leverage new technologies, customer obsessed and want to be part of a growing team and inspire others in this journey, then this is the role for you.
We are a global team that has a strong drive for results and believes that effective collaboration is how we all achieve more. This role requires cross-team and cross-geo collaboration. The ideal candidate should have a demonstrated track record of cross-team, partner and customer engagement.
Responsibilities
As part of this role, you will:
Research, build and support integrations between Azure Sentinel and other products and solutions by leveraging and applying technologies built for Azure Sentinel.
Build insights, detections, interactive dashboards, and automation workflows.
Build automation tools to validate and publish solutions built by partners.
Be responsible for building, testing and deploying E2E solutions and supporting them.
Provide support and maintenance of the team’s scenarios, including automation, while working with the support team on customer tickets.
Work closely with product management, and partner with other engineering teams, security experts and data scientists, to collaborate and integrate with additional capabilities in Azure Sentinel.
Qualifications
Basic Qualifications:
9+ years of experience in leading software, security and data integration projects
7+ years of experience in administration or building SIEM products like Azure Sentinel, ArcSight, Splunk or QRadar
3+ years of scripting experience in PowerShell or Python
Experience in content creation on top of a SIEM/log management tool.
Good cross team, cross geolocation collaboration skills.
Preferred Qualifications:
Demonstrated strong experience in ownership of several security projects and delivery of end-to-end goals.
Experience in creating analytic rules, incidents, playbooks, notebooks, workbooks, threat hunting and KQL queries within Azure Sentinel or similar experience in other SIEM solutions
Creation of data normalization and parsing capabilities within a Log Analytics workspace.
Scripting experience in PowerShell or Python or software development experience
Intermediate knowledge of Azure Functions or AWS Lambda
Development of SIEM and SOAR use cases
Building content on top of Log Management/SIEM is a major advantage.
Experience in a query language such as SQL or KQL (Kusto Query Language)
Familiarity with GitHub, Jenkins and CI/CD pipelines
Certifications like Microsoft Azure Security Technologies (AZ-500), Azure Security Operations Analyst (SC-200) or Developing Solutions for Microsoft Azure (AZ-204)
Experience in Microsoft Azure technologies or other clouds
Proven record of supporting customers, being customer obsessed and data-driven
Ability to collaborate with different teams and disciplines.
Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.
Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.