Title: MS Sentinel Engineer/SME
Location: Remote
Duration: 6+ Months Contract to Hire - no sponsorship available
Required Skills:
5+ years of experience in:
- Security Operations Center (SOC) environments
- Incident Response
- Azure Cloud Security
Education & Experience
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field
OR equivalent combination of relevant education and hands-on experience
SOC & Incident Response Expertise
- Senior-level SOC experience (L3 / Senior / Principal) acting as an escalation point for high-severity and complex incidents
- Proven leadership in incident response, including root cause analysis (RCA) and post-incident improvements
- Hands-on threat hunting experience with continuous improvement mindset
Microsoft Sentinel & SIEM
- Expert-level Microsoft Sentinel (Azure SIEM) experience, including:
  - Log ingestion and integration
  - Data lifecycle management
  - Incident investigation and response
- Strong experience with:
  - Log normalization, parsing, and data quality management
  - SIEM performance tuning (noise reduction + detection accuracy)
- Advanced KQL skills for:
  - Detection development
  - Threat hunting
  - Large-scale data analysis
Detection Engineering & Automation
- Deep experience in detection engineering, aligned to MITRE ATT&CK
- Hands-on automation and orchestration using:
  - Sentinel playbooks
  - Logic Apps or similar SOAR tooling
Security Tooling & Cloud Security
- Strong working knowledge of enterprise and cloud security tools, including:
  - Next-Gen Firewalls
  - IDS/IPS
  - EDR/XDR
  - Antivirus
  - Microsoft Defender Suite
  - Internet proxies and cloud security tools
- Solid understanding of:
  - Azure security controls
  - Identity security (Entra ID)
  - Cloud-native and enterprise security architectures