"Alerted.org

Knowledge of: * Microsoft Sentinel architecture, SOAR, and UEBA capabilities. * Azure cloud services, Logic Apps, Azure Functions, Event Hubs, Key Vault, and Azure AD. * Security operations processes (triage, threat detection, incident response, threat modeling). * MITRE ATT&CK, NIST CSF, Zero Trust Architecture concepts. * Programming and scripting languages (Python, PowerShell, KQL, C#, JavaScript, or equivalent). * CI/CD pipelines, DevOps practices, and Git-based version control. * API integrations and JSON/YAML structures. Skills in: * Building Logic App workflows and custom Sentinel automation playbooks. * Writing complex KQL queries for analytics, hunting, and behavioral detection. * Developing custom connectors, data maps, and parsers. * Designing and optimizing UEBA detection models. * Debugging SOAR workflows and resolving integration issues. * Communicating technical information clearly to both technical and non-technical audiences. Abilities to: * Work independently and take ownership of complex development tasks. * Translate security requirements into scalable technical solutions. * Analyze threat behaviors and develop meaningful detections. * Work collaboratively with cybersecurity, infrastructure, and application teams. * Manage multiple work assignments and meet deadlines. CANDIDATE SKILLS AND QUALIFICATIONS: Minimum Requirements: Candidates that do not meet or exceed the minimum stated requirements (skills/experience) will be displayed to customers but may not be chosen for this opportunity. Years Required/Preferred Experience 4 Required Graduation from an accredited four-year college or university with major coursework in computer science, computer information systems, software engineering, cybersecurity, or a related field. 2 Required Two (2) years of full-time experience in software development, cloud engineering, SIEM engineering, or cybersecurity engineering. 2 Required Two (2) years of full-time experience in software development, cloud engineering, SIEM engineering, or cybersecurity engineering. 3 Preferred Three (3) or more years of hands-on technical experience with Microsoft Sentinel. 1 Preferred Experience developing UEBA models, anomaly detection rules, and behavior-based analytics. 1 Preferred Experience building Security Automation Playbooks (SOAR). 1 Preferred Microsoft certifications such as: SC-200: Security Operations Analyst, AZ-900 / AZ-104, SC-100 / SC-300 1 Preferred Experience integrating Sentinel with EDR, IAM, firewalls, and ticketing systems. 1 Preferred Experience with DevOps pipelines (GitHub, Azure DevOps). 1 Preferred Experience working in a government, healthcare, or regulatory environment.