We are partnered with a major private investment firm to bring on a Security Cloud Detection Engineer out of Dallas, TX*. The ideal candidate will be responsible for enhancing their security operations through the architecture, engineering, and automation of detection and response mechanisms. This role involves working with Microsoft Sentinel SIEM, SOAR tooling, and various security automation technologies to ensure robust security monitoring and incident response.
Primary Responsibilities:
- Develop and implement new detections and automations within the SIEM environment.
- Create and maintain SIEM content, including rules, alerts, and dashboards, to improve the signal-to-noise ratio.
- Configure and manage Microsoft Sentinel, ensuring optimal performance and integration with other security tools.
- Automate alert enrichment processes to enhance detection and prevention coverage.
- Collaborate with external SOC providers to consolidate data sources and ensure high availability of log sources.
- Conduct alert triage and response, managing patch and vulnerability processes.
- Monitor security operations metrics and maintain DLP tools and technologies.
- Provide training and support on SIEM functionalities to internal teams.
Qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related field.
- Minimum of 3 years in a security-related engineering role.
- At least 2 years of experience with SIEM/SOAR engineering, specifically with Microsoft Sentinel, Log Analytics, and Defender.
- Proficiency in security automation and automation tooling (e.g., Terraform).
- Strong scripting skills in KQL, Python, and PowerShell.
- Experience with Microsoft Power Apps, Azure Functions, and Logic Apps.
- Knowledge of API development and log ingestion methodologies.
- Familiarity with automated development lifecycles (DevOps).
- Experience with Cisco security tools (Meraki, Umbrella) and multi-tenant or MSP environments.
- Professional certifications such as CISSP, CISM, or CEH.
- Self-starter with a passion for security and continuous improvement.
If you or someone you know is interested, please apply directly!
*This is a fully onsite role out of the client's Dallas office.