Key skills
Cybersecurity engineeringSecurity operationsSIEM platformsMicrosoft SentinelDetection logic developmentThreat detection engineeringKQLLog ingestionData normalizationSecurity telemetryVulnerability managementPatch managementCISSPGCIAGCIHCEHMicrosoft security platformCloud securityFederal security operationsCompliance-driven environmentsAnalytical skillsAnalyticsAWSAzureCloud Security
About this role
Ardent is a company committed to solving customer problems while ensuring the well-being and professional development of its employees. They are seeking a Senior Security Engineer to support security engineering and SIEM administration within a Virtual Security Operations Center, focusing on Microsoft Sentinel and threat detection optimization.
Responsibilities:
- Administer and maintain Microsoft Sentinel, including configuration, performance tuning, and platform optimization
- Develop, tune, and maintain detection rules and analytics to improve threat detection capabilities
- Write and optimize KQL queries for threat detection, investigation, and reporting
- Validate log ingestion and ensure completeness and accuracy of data sources
- Support onboarding and normalization of log sources across enterprise systems
- Coordinate vulnerability prioritization and support patch governance efforts
- Serve as a technical liaison with stakeholders to align security operations with mission needs
- Support incident response efforts through engineering support and tool optimization
- Document engineering processes, detection logic, and system configurations
- Collaborate with SOC analysts and detection engineers to improve detection coverage and response efficiency
Requirements:
- Must be a U.S. Citizen
- Bachelor's degree in Cybersecurity, Information Technology, or a related field (or equivalent experience)
- 4+ years of experience in cybersecurity engineering or security operations
- 2+ years of experience supporting SIEM platforms, preferably Microsoft Sentinel
- Experience developing detection logic and performing threat detection engineering
- Proficiency in KQL or similar query languages
- Experience with log ingestion, data normalization, and security telemetry
- Experience supporting vulnerability management and patching processes
- Strong analytical and problem-solving skills
- Ability to communicate technical concepts to diverse audiences
- CISSP, GCIA, GCIH, CEH, or equivalent cybersecurity certification
- Microsoft Sentinel or Microsoft security platform certification
- Cloud security certification (e.g., AWS or Azure security)
- Experience supporting federal or government security operations environments
- Experience working in secure or compliance-driven environments