Senior Microsoft Security Engineer (remote)

Position Description

This exciting opportunity is a full-time, permanent role with Pellera Technologies. As a Senior Engineer within the Security Architecture & Defense practice, you will act as a trusted advisor to Pellera's client base. The Senior Engineer will provide expertise in administering technical service delivery efforts, specifically engineering of Microsoft Security solutions. The Senior Engineer will also be involved in deploying and customizing security solutions per the unique client environment requirements. We invest heavily in our team members growth with cross-technology training and certification training and, look forward to working with you!

Key Responsibilities

• Provide day to day support for enterprise level security solutions such as Sentinel
• Support the integration, upgrades and ongoing maintenance of SIEM/SOAR, EDR/XDR, DLP, etc
• Investigate and implement improvements within client environments when appropriate
• Build rules, workbooks, hunting queries and playbooks
• Conduct proactive threat hunting across cloud & hybrid environments using the MITRE ATT&CK framework
• Gather requirements and apply product upgrades as appropriate and train client base as needed; address all issues in a timely fashion related to system supported
• Troubleshoot product issues as they arise
• Evaluate and recommend new and emerging services and technologies

Knowledge & Competencies

• Expert-level proficiency in building, tuning, and managing Sentinel analytics rules, workbooks, hunting queries (KQL), and playbooks (Logic Apps).
• Demonstrated experience conducting proactive threat hunting across cloud and hybrid environments using MITRE ATT&CK framework.
• Strong capability in threat modeling and adversary simulation to identify detection gaps and improve SOC coverage.
• Hands-on experience managing and investigating alerts and incidents using EDR/XDR tools
• Advanced knowledge of Kusto Query Language (KQL) for building complex queries and custom hunting use cases.
• Solid understanding of log ingestion pipelines, normalization schemas (like ASIM), and data connector management within Sentinel.
• Deep familiarity with common attacker techniques, tactics, and procedures (TTPs), and the ability to translate them into high-fidelity detection logic.
• Experience conducting incident response, root cause analysis, and post-incident reporting, including collaboration with stakeholders and regulatory compliance teams.

Education & Qualifications

• 5+ years of experience in professional cybersecurity capacity
• 5+ years of experience working with Microsoft security solutions especially Sentinel and applicable integration tools that compliment SOAR capabilities
• Microsoft security certifications are preferred
• Industry leading certifications are a plus especially via SANS

Work Environment

• Remote within the United States

Total Rewards

• We offer a comprehensive total rewards package that includes base salary, quarterly bonus, healthcare benefits, 401k match, PTO/holiday, training/development, promotional opportunity and so much more.