Job description 

Qualifications

Required Qualifications: 

• BS or MS degree in Computer Science or related engineering discipline. 
• 3+ years of hands-on software design, developing, deploying, and coding experience with any one of the programming languages such as Python, Go, C# or Java 
• 3+ years working in cyber security (Information Security, InfoSec, SecOps, Security Operations, SOC, CSOC, etc.) with experience in security engineering, data engineering, automation of analysis, response, or forensics. 
• Hands on experience with many information security tools such as SIEM, XDR, EDR, Firewalls, IDS/IPS, DLP, Vulnerability Management, etc. 

Preferred Qualifications: 

• Hands-on Experience in the development of automation or tools with at least one programming language.  
• Skilled working in development of security content such as detections, data normalization (parsers),SOAR playbooks, and integrations between devices.  
• Experience working with large data sets to answer complex questions, using tools like: SQL, KQL, U-SQL  
• Hands-on experience building Azure-based services with Azure Resource Manager (ARM), ARM templates, ARM policy, IaaS, Logic apps, App services, KeyVault, Microsoft Entra ID etc. 
• Experience in Product research such as understanding product features and integrations. 
• Familiarity with SIEM / SOAR solutions such as Microsoft Sentinel, Splunk, QRadar etc.  
• Understanding / experience with Playbooks, Workbooks, Analytic rules, Notebooks, Azure Functions and KQL queries within Microsoft Sentinel or similar experience in other SIEM solutions such as Splunk, QRadar will be a plus. 
• Familiarity with developer environment tools like Continuous Integration/Continuous Delivery (CI/CD), Azure DevOps, GitHub, and Agile Scrum
• Ability to collaborate with different teams and disciplines. 
• Must be a quick learner and expectation to learn new tools and techniques every day. 
• Excellent problem solving, analytical and debugging skills. 
• Good written and verbal communication skills 
• Exposure in migration from one SIEM to another SIEM will be a plus
• Having security industry certifications like CISSP, CCSP, AZ-500 etc. will be a plus

Responsibilities

• As a Security Engineer, you will be responsible for all aspects of Sentinel out of the box solutions including research, architecture, development, and implementation.  
• Design, develop, test, and deliver high quality Sentinel solutions that help Sentinel customers in data normalization, detection, investigation and remediation of incidents, data visualizations, threat hunting, and analytics. 
• Stay on top of SIEM, XDR and SOAR industry trends and contribute with new ideas to influence Microsoft Sentinel solutions and out of the box content. 
• Work across teams in Microsoft Sentinel, Defender and in other geographies like Israel, United States to drive Sentinel solutions. 
• Participate in periodic on-call rotations to handle service incidents, incident postmortem etc.