Microsoft Sentinel Security Engineer

A growing cyber security consulting firm is seeking a Security Engineer with deep experience in Microsoft Sentinel to lead SIEM strategy, threat monitoring, and incident response. You'll play a critical role in enhancing security operations and improving threat visibility across the organization.

Location: On-site at Client HQ - Washington, DC (Hybrid: 3 days per week)
Clearance: Public trust or ability to obtain one
Key Responsibilities:

• Act as the SME for Microsoft Sentinel: manage ingestion, playbooks, workbooks, and alerts
• Monitor internal logs and external threat intelligence for actionable insights
• Build and maintain KQL queries, dashboards, and incident response workflows
• Work with SOC teams and third parties to investigate incidents and tune detections
• Design log ingestion strategies and normalize data for accurate analysis
• Support risk management, threat monitoring, and continuous improvement of the security program
• Train SOC staff on Sentinel usage and best practices
• Participate in security exercises and maintain documentation

Qualifications:

• BS/BA in Cybersecurity, IT, or related field
• 3+ years of experience in cybersecurity, intelligence, or threat detection
• Certification(s): CISSP, GIAC, CEH, Security+, Network+, or equivalent
• Strong hands-on experience with Microsoft Sentinel, SIEM tuning, and KQL
• Familiarity with threat analysis, server/application management, and automation tools
  
  #LI-PF1