Job Description

Skill: Microsoft Sentinel Implementation Engineer

Experience: 5+ years

Interview Location: Hyderabad


Job Description:


The Microsoft Sentinel SIEM Implementation Engineer is responsible for designing, deploying, configuring, and operationalizing Microsoft Sentinel to meet enterprise security monitoring, detection, and response requirements. This role involves integrating diverse data sources, creating analytics rules and workbooks, implementing automation through SOAR/Logic Apps, and ensuring Sentinel aligns with security and compliance standards.


Sentinel Deployment & Architecture

  • Design and implement Microsoft Sentinel SIEM architecture for large and mid-sized organizations.
  • Configure workspaces, data retention, Log Analytics architecture, and role-based access control (RBAC).
  • Conduct onboarding of data sources using built-in and custom connectors.

Analytics Rules & Threat Detection

  • Develop custom analytics rules (scheduled, UEBA, ML-based).
  • Tune existing rules to reduce false positives.
  • Implement correlation rules for advanced threat use cases.

SOAR & Automation

  • Build Playbooks using Azure Logic Apps for automated response.
  • Integrate Sentinel with ticketing systems (ServiceNow, JIRA, Remedy).
  • Automate incident enrichment, containment, and notifications.


Required Skills & Experience

Technical Skills

  • Strong expertise in Microsoft Sentinel SIEM .
  • Hands-on experience with Azure Log Analytics, DCR/DCE, and KQL.
  • Deep understanding of SOC operations, SIEM correlation, incident response.
  • Experience integrating 3rd‑party security products with Sentinel.
  • Knowledge of Azure Identity, Azure AD, Defender Suite (MDE, MDO, MDI).
  • Proficient in Azure Logic Apps, PowerShell, and REST APIs.
  • Familiarity with threat modeling frameworks (MITRE, Cyber Kill Chain).

Experience

  • 5–10+ years of experience in security engineering or SOC environments.
  • At least 2–5 years of hands‑on Sentinel implementation experience


Preferred Certifications

  • SC-200 : Microsoft Security Operations Analyst
  • SC-100 : Microsoft Cybersecurity Architect
  • AZ-500 : Azure Security Engineer
  • CEH / CISSP / CISM (advantage)

Apply for this Position

Ready to join ? Click the button below to submit your application.

Submit Application