Senior Cybersecurity Engineer/Analyst

Overview

On Site
USD 125,000.00 per year
Full Time

Skills

Innovation
Cyber Security
Optimization
Event Management
Servers
Infrastructure Architecture
Machine Learning (ML)
Artificial Intelligence
Workflow
Data Collection
Database
Mobile Devices
Cloud Computing
Leadership
Malware Analysis
Research
KPI
Service Level
Risk Assessment
Reporting
Mentorship
Security Operations
System Administration
Security Engineering
IPS
Proxies
DNS
Firewall
Network
OS X
Unix
Information Security
Threat Analysis
Incident Management
Technical Analysis
Communication
Articulate
Multitasking
Adaptability
Analytical Skill
Problem Solving
Conflict Resolution
Attention To Detail
Technical Writing
Microsoft Azure
SIEM
Identity Management
Active Directory
SailPoint
CyberArk
Oracle
Microsoft Windows
Linux
Operating Systems
Intrusion Detection
SD-WAN
IDS
Scripting
Windows PowerShell
Python
Analytics
ISO/IEC 27001:2022
SANS
GSEC
GCIA
CISSP
Cisco Certifications
Microsoft
Practice Management
Regulatory Compliance
Legal
Management
Managed Services
Collaboration
Partnership
Value Engineering
Effective Communication
Law

Job Details

Job Title: Senior Cybersecurity Engineer/Analyst
Location: Minneapolis, MN; Denver, CO; Salt Lake City, UT; Phoenix, AZ
Target Start Date: 5/15/2025
Type: D
Pay Rate / Salary (Ranges OK): $125k annually

Join our client's cybersecurity team where your engineering and analytical expertise will directly protect sensitive attorney-client privileged information across a global legal network. Advance your Microsoft Sentinel skills in a collaborative environment that values technical innovation alongside work-life balance. Build your future with an award-winning workplace that offers competitive compensation, comprehensive benefits, and the opportunity to engineer cutting-edge security solutions for a prestigious international law firm.

We are seeking a Senior Cybersecurity Engineer/Analyst for our client, a prestigious law firm. The position is structured as 70% cybersecurity engineering and 30% cybersecurity analyst responsibilities. You will be primarily responsible for implementing, maintaining, and optimizing the firm's security systems, while also contributing to monitoring, detection, and incident response within the client's information security program.

Primary Engineering Responsibilities (70%):
  • Design, implement, and maintain the firm's security infrastructure with Microsoft Sentinel SIEM as the cornerstone of security operations, along with enterprise syslog servers, Intrusion Detection and Prevention Systems (IDS/IPS), CASB, and other security tools.
  • Engineer and maintain Microsoft Sentinel as the primary security information and event management solution, along with the IDS/IPS, CASB, XDR/EDR agents, and syslog servers that feed it.
  • Develop new Microsoft Sentinel detections aligned with the MITRE ATT&CK framework and engineer improvements to the SIEM, CASB, and other security tools.
  • Lead security infrastructure architecture decisions for secure and resilient cloud and on-premises environments.
  • Engineer SOAR automation through Microsoft Sentinel workflows, applying ML/AI where it drives efficiency.
  • Develop, refine, and maintain technical playbooks, configurations, Information Security Standards and Guidelines.
  • Configure and optimize log source data collection across endpoints, databases, applications, identity management, networks, mobile devices, and cloud.
  • Engineer security tool configurations to optimize detection capabilities and minimize false positives.
  • Design and implement security standards and security configuration baselines for systems and business applications.
  • Develop and maintain security infrastructure to protect our client's sensitive legal documents and attorney-client privileged information.

Analytical Responsibilities (30%):
  • Analyze security events, incidents, and infrastructure issues, and communicate status to leadership.
  • Understand our client's core legal business activities to tailor security solutions that protect legal and confidential information assets.
  • Conduct expert analysis of logs, malware, and other malicious activity on our client's systems.
  • Serve as third-level triage support for complex security alerts, events, and incidents.
  • Research and leverage intelligence sources to improve security alert, event, and incident detection capabilities.
  • Monitor SOC metrics, KPIs, and service level objectives for security events and incidents.
  • Participate in rotating after-hours, weekend, and holiday on-call schedule for escalation of security issues.
  • Assist with internal and external auditors for compliance and risk assessments if needed.
  • Work with the SOC Manager to report on the state of security operations to the Information Security Director.
  • Mentor junior Security Operations Center (SOC) staff on technical security engineering principles.

What we're looking for:
  • High School diploma or G.E.D. equivalent and some post-secondary coursework and/or equivalent experience.
  • At least 5 years of information security engineering/SOC experience (or combination of 3 to 5 years of IT system administration with security engineering focus).
  • Strong engineering background with the ability to create detections aligned with the MITRE ATT&CK framework, particularly within the Microsoft Sentinel environment.
  • Advanced technical expertise in designing and implementing security monitoring solutions. In-depth knowledge and expertise with Microsoft Sentinel SIEM as our primary security platform, along with IDS/IPS, web proxies, EDR, XDR, CASB, DNS security, sandboxing, and firewalls.
  • Engineering expertise in analyzing and inspecting log files, network packets, and other security tool information outputs from multiple system types through the Microsoft Sentinel console.
  • Technical expertise in multiple computing platforms, including Windows, OSX, Linux, Unix, networks, and endpoints.
  • Strong knowledge of Information Security, Incident Management, Security Monitoring, Threat Intelligence, Incident Response, and Risk Classification functions.
  • Experience with technical analysis of email headers, links, and attachments to determine if an email is malicious, and then executing the appropriate remediation techniques to protect the environment.
  • Strong interpersonal and collaborative communication skills. Ability to weigh and communicate business needs and costs against security concerns and articulate issues to management.
  • Demonstrated technical knowledge through experience or certification(s).
  • Ability to multi-task and prioritize effectively, work calmly under pressure and with tight deadlines, act with integrity and trustworthiness, and stay curious and adaptable.
  • Excellent analytical and problem-solving abilities and strong attention to detail. Stays current with the evolving threat landscape.
  • Team oriented and skilled in working in a collaborative environment with the ability to clearly and concisely document and explain technical details (e.g., experience documenting incidents, technical writing, etc.).

Required Technical Skills (minimum of six):
  • Three or more years of Microsoft Sentinel (Azure) SIEM engineering experience (or similar SIEM experience, with strong preference for direct Sentinel experience).
  • Two years of Microsoft Defender for Endpoint admin experience (or similar EDR).
  • Two years of Microsoft Defender for Servers admin experience (or similar EDR).
  • Two years of Microsoft CASB admin experience (or similar CASB).
  • Two years of Identity and Access Management tool admin experience with Microsoft Entra ID and Microsoft Active Directory (or SailPoint, CyberArk, Oracle).
  • Advanced Windows and Linux operating system skills.
  • Advanced HPE Intrusion Detection System administration skills (or similar SD-WAN IDS skills).
  • Proficient in scripting languages such as PowerShell, Python, and skilled in using KQL, particularly for creating custom Microsoft Sentinel queries and analytics rules.

Preferred:
  • Bachelor's degree.
  • Experience with ISO 27001:2022 compliance requirements.
  • SANS GSEC, GCIA (and related), CISSP, CCSP (a plus).
  • Advanced certification in Microsoft Sentinel administration and operations.
  • Previous experience in protecting sensitive legal documents, client-attorney privileged information, and legal practice management systems.
  • Understanding of regulations and compliance requirements specific to the legal industry.


Welcome to ConsultNet and the family of companies, Tekne, SaltClick, TechBridge, and OmniMedia. As a premier national provider of technology talent and solutions, our expertise spans across project services, contract-to-hire, direct placement, and managed services both onshore and nearshore.

Celebrating more than 25 years of partnership with a diverse client base, we've crafted rewarding opportunities for our consultants, fostering high-performing teams that deliver impactful results.

Over the last few years thousands of consultants have found their calling with us in roles that have made a meaningful impact on their lives, enhanced their career, challenged them, and propelled them towards achieving their personal and professional goals. At the ConsultNet family of companies, we believe effective communication is crucial in aligning the right job with your unique skills and professional aspirations. To us, it's all about the personal approach we take and the values we uphold.

Our comprehensive service offerings cover a wide range of technology positions across key markets nationwide. Learn more at .

We champion equality and inclusivity, proudly supporting an Equal Opportunity Employer policy. We welcome applicants regardless of Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other status protected by law.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

About ConsultNet, LLC