SOC Analyst (Sentinel Expert)

We’re seeking a Microsoft Sentinel Implementation Engineer to design, deploy, and optimize Microsoft Sentinel and Defender-based SOC environments. This role supports SOC operations by enabling efficient log ingestion, developing analytic rules, and automating detections across cloud and on-prem sources.

Key Responsibilities :

• 6-8 years of experience in administering and optimizing Microsoft Sentinel (connectors, analytic rules, workbooks, playbooks).
• Integrate and normalize log data from Defender, firewalls, M365, and third-party tools.
• Build KQL queries , correlation rules, and SOAR automation (Logic Apps).
• Optimize data ingestion and storage for performance and cost efficiency.
• Collaborate with SOC teams to enhance detection coverage and reduce alert fatigue.
• Maintain and fine-tune Microsoft Defender XDR integrations with Sentinel.

Preferred Skills & Certifications :

Strong KQL and PowerShell skills; familiarity with Azure Monitor, AMA, and security APIs.

Certifications : SC-200 , AZ-500 , or SC-100 preferred.