Cyderes

Security Engineer II, Managed Microsoft Sentinel

full-time

Location Type: Hybrid

Location: Bengaluru, India

About the role

  • Support intake process, including coverage for Eastern Standard Time business hours as required
  • Administer and maintain Microsoft Sentinel and Defender XDR environments across managed clients
  • Perform health monitoring of:
    - Log ingestion pipelines
    - Data connector status
    - Automation playbooks
    - Analytics rule performance
  • Monitor ingestion volumes and support cost optimization initiatives
  • Assist in tenant standardization across multi-client MSSP environments
  • Onboard new data sources into Microsoft Sentinel following established SOPs:
    - Validate connectivity
    - Confirm correct parsing and schema normalization
    - Ensure events are visible and queryable in Log Analytics
  • Integrate Microsoft Defender data sources:
    - Defender for Endpoint
    - Defender for Identity
    - Defender for Office 365
    - Defender for Cloud Apps
  • Validate data integrity and entity mapping
  • Troubleshoot ingestion or connector issues across Azure and third-party integrations
  • Develop and maintain analytics rules (Scheduled, NRT, Fusion)
  • Create and tune detection logic using KQL
  • Reduce false positives through structured tuning and rule refinement
  • Map detections to the MITRE ATT&CK framework
  • Improve alert fidelity and correlation between Defender XDR and Sentinel
  • Maintain dashboards, workbooks, and reporting artifacts
  • Assist in building reusable hunting and detection libraries
  • Monitor Sentinel and Defender XDR alerts
  • Perform Tier 2 triage and investigation of escalated alerts
  • Provide clear documentation and escalation to MDR/SOC teams
  • Support root cause investigations for platform or telemetry issues
  • Assist with containment automation where applicable
  • Develop and maintain Azure Logic App playbooks
  • Automate response actions such as:
    - Device isolation
    - User disablement
    - IP blocking
    - Ticket creation
  • Follow change management processes for configuration updates
  • Test changes in lower environments when applicable
  • Contribute to:
    - Runbooks
    - Standard operating procedures
    - Onboarding checklists
    - Detection documentation
  • Document false positives and data quality issues
  • Provide tuning feedback to senior engineers and architecture teams
  • Stay current on Microsoft security roadmap changes
  • Participate in internal training and knowledge-sharing sessions

Requirements

  • **Education**
    - Diploma or Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or related field (or equivalent experience)
  • **Experience**
    - 3–5 years of experience in IT security, SOC, or security engineering roles
    - Minimum 2 years hands-on experience with Microsoft Sentinel
    - Experience with the Microsoft Defender XDR suite
    - Experience in MSSP or customer-facing environments preferred
    - Exposure to multi-tenant environments (Azure Lighthouse preferred)
  • **Technical Skills**
    - Strong working knowledge of:
      - Microsoft Sentinel
      - Microsoft Defender XDR
      - Azure Log Analytics
    - Proficiency in KQL
    - Understanding of:
      - Windows & Linux logs
      - Azure AD / Entra ID
      - Networking fundamentals (TCP/IP, ports, firewalls, proxies)
      - Authentication & authorization models
    - Experience with:
      - Azure Logic Apps
      - REST APIs
      - PowerShell or Python scripting
    - Understanding of the MITRE ATT&CK framework
    - Familiarity with MDR operational workflows
  • **Certifications (Preferred)**
    - SC-200 (Microsoft Security Operations Analyst)
    - AZ-500 (Azure Security Engineer)
    - SC-100 (Cybersecurity Architect)
    - Security+
    - Relevant Microsoft Defender certifications
  • **Soft Skills**
    - Strong analytical and problem-solving skills
    - Clear written and verbal communication
    - Ability to document investigations and platform changes thoroughly
    - Customer-focused mindset
    - Ability to balance operational and engineering responsibilities

Benefits

  • ✔ Medical Insurance - Employee + dependents covered
  • ✔ Life Insurance - Protection for what matters most
  • ✔ Retirement Match Program - We invest in your future
  • ✔ Hybrid Work Model - 2–3 days in office
  • ✔ Maternity & Paternity Leave - Time for the moments that matter
  • ✔ Paid Time Off - PTO + sick & casual leave
  • ✔ Bereavement & Volunteer Time - Give back to your community
  • ✔ Professional Development - Reimbursement program
  • ✔ LinkedIn L&D Platform - Thousands of courses at your fingertips
  • ✔ Mobile Phone Reimbursement - Stay connected, on us

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
Microsoft Sentinel, Microsoft Defender XDR, Azure Log Analytics, KQL, Azure Logic Apps, PowerShell, Python, REST APIs, Windows logs, Linux logs

Soft Skills
analytical skills, problem-solving skills, written communication, verbal communication, documentation skills, customer-focused mindset, operational balance, engineering responsibilities

Certifications
SC-200, AZ-500, SC-100, Security+, Microsoft Defender certifications